> Christoph Leser <[hidden email]> wrote:
>> after upgrading openbsd6.5 to oopenbsd6.6 using sysupgrade isakmpd
>> does no longer write pcap files in /var/run.
>> In /var/log/messages we see the following message:
>> isakmpd: log_packet_init: fopen ("/var/run/isakmpd.pcap", "w")
>> failed: Permission denied
On 2019-12-03 19:30, Theo de Raadt wrote:
> m_priv_local_sanitize_path() contains some realpath() checks.
> I think this is either exposing realpath() abuse( as a result of the
> new in-kernel realpath to support unveil better), or it is hitting the
> realpath() bug which was fixed post-release?
I get similar message when trying to report information about SAs to
isakmpd.results through isakmpd.fifo on 6.6.
echo "S" > /var/run/isakmpd.fifo
...(as root) doesn't return anything, doesn't create results file, and
gives error message in log:
Feb 6 21:20:16 kerber isakmpd: ui_open_result: fopen() failed:
If someone knows about some workaround for obtaining isakmpd.results
on 6.6 I'd be very grateful (or at least binary patch :D )
Before enlightenment - chop wood, draw water.
After enlightenment - chop wood, draw water.