diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2016-10-04 17:17:31 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2016-10-04 17:17:31 +0000 |
| commit | 9290b4b7508c036af2be8c47e19a7fb7d8d9ca18 (patch) | |
| tree | f646cce0d09b3563559ad8d034284522a5d1ea1e /usr.sbin/vmd/proc.h | |
| parent | 9172e696a13a394f11feeeae637c38e50925e8ac (diff) | |
Add a new "priv" process that is responsible for ioctls and restricted
operations that aren't allowed under pledge. This is a companion to
the "vmd" process that runs as root but with pledge.
With the "priv" process, each new tap(4) interface now gets a
description to indicate the vm, eg. "vm1-if0-myvm". For network
configuration will be done by vmd/priv later.
OK mlarkin@
Diffstat (limited to 'usr.sbin/vmd/proc.h')
| -rw-r--r-- | usr.sbin/vmd/proc.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/usr.sbin/vmd/proc.h b/usr.sbin/vmd/proc.h index b8ebdcc5085..053d9a527f5 100644 --- a/usr.sbin/vmd/proc.h +++ b/usr.sbin/vmd/proc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: proc.h,v 1.7 2016/09/29 22:42:04 reyk Exp $ */ +/* $OpenBSD: proc.h,v 1.8 2016/10/04 17:17:30 reyk Exp $ */ /* * Copyright (c) 2010-2015 Reyk Floeter <reyk@openbsd.org> @@ -89,6 +89,7 @@ enum privsep_procid { PROC_PARENT = 0, PROC_CONTROL, PROC_VMM, + PROC_PRIV, PROC_MAX, } privsep_process; @@ -135,9 +136,10 @@ struct privsep_proc { struct imsg *); void (*p_init)(struct privsep *, struct privsep_proc *); + void (*p_shutdown)(void); const char *p_chroot; + struct passwd *p_pw; struct privsep *p_ps; - void (*p_shutdown)(void); }; struct privsep_fd { |