From ed8698144d6f2ac498ce98a549173674e0cb34fa Mon Sep 17 00:00:00 2001
From: Michael Neumann <mneumann@ntecs.de>
Date: Mon, 13 Jul 2009 00:16:27 +0200
Subject: [PATCH] priv: Define and use PRIV_SETHOSTNAME

---
 sys/emulation/43bsd/43bsd_hostinfo.c | 2 +-
 sys/kern/kern_jail.c                 | 2 ++
 sys/sys/priv.h                       | 3 ++-
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/sys/emulation/43bsd/43bsd_hostinfo.c b/sys/emulation/43bsd/43bsd_hostinfo.c
index 21bedfd247..35e5d40c71 100644
--- a/sys/emulation/43bsd/43bsd_hostinfo.c
+++ b/sys/emulation/43bsd/43bsd_hostinfo.c
@@ -85,7 +85,7 @@ sys_osethostname(struct sethostname_args *uap)
 	KKASSERT(p);
 	name[0] = CTL_KERN;
 	name[1] = KERN_HOSTNAME;
-	error = priv_check_cred(p->p_ucred, PRIV_ROOT, PRISON_ROOT);
+	error = priv_check_cred(p->p_ucred, PRIV_SETHOSTNAME, 0);
 	if (error)
 		return (error);
 	len = MIN(uap->len, MAXHOSTNAMELEN);
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index 5a0852d0d8..cb19b62665 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -700,6 +700,8 @@ prison_priv_check(struct ucred *cred, int priv)
 
 	case PRIV_VARSYM_SYS:
 
+	case PRIV_SETHOSTNAME:
+
 		return (0);
 
 	case PRIV_UFS_QUOTAON:
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
index 65624edd26..430e19f0b6 100644
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -85,7 +85,8 @@
 #define	PRIV_SETTIMEOFDAY	18	/* Can call settimeofday. */
 #define	PRIV_SETHOSTID		19	/* Can call sethostid. */
 #define	PRIV_SETDOMAINNAME	20	/* Can call setdomainname. */
-#define	PRIV_VARSYM_SYS		21	/* Can varsym_set(VARSYM_SYS, ...) */
+#define	PRIV_SETHOSTNAME	21	/* Can call sethostname. */
+#define	PRIV_VARSYM_SYS		22	/* Can varsym_set(VARSYM_SYS, ...) */
 
 /*
  * Audit subsystem privileges.
-- 
2.41.0