diff --git a/lib/libc/sys/revoke.2 b/lib/libc/sys/revoke.2 index fc6aaf93d543..453c84a88cdb 100644 --- a/lib/libc/sys/revoke.2 +++ b/lib/libc/sys/revoke.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: revoke.2,v 1.12 2015/05/31 23:54:25 schwarze Exp $ +.\" $OpenBSD: revoke.2,v 1.13 2015/11/16 18:25:18 deraadt Exp $ .\" $NetBSD: revoke.2,v 1.3 1995/10/12 15:41:11 jtc Exp $ .\" .\" Copyright (c) 1993 @@ -33,7 +33,7 @@ .\" .\" @(#)revoke.2 8.1 (Berkeley) 6/4/93 .\" -.Dd $Mdocdate: May 31 2015 $ +.Dd $Mdocdate: November 16 2015 $ .Dt REVOKE 2 .Os .Sh NAME @@ -47,13 +47,12 @@ The .Fn revoke function invalidates all current open file descriptors in the system -for the file named by +for the tty device named by .Fa path . Subsequent operations on any such descriptors fail, with the exceptions that a .Fn read -from a character device file which has been revoked -returns a count of zero (end of file), +from a tty which has been revoked returns a count of zero (end of file), and a .Fn close call will succeed. @@ -64,8 +63,13 @@ is called as if all open references to the file had been closed. Access to a file may be revoked only by its owner or the superuser. The .Fn revoke -function is normally used to prepare a terminal device for a new login session, +function is used to prepare a terminal device for a new login session, preventing any access by a previous user of the terminal. +The +.Xr pty 4 +subsystem has this as an implicit operation, but hardwired +. Xr tty 4 +require the operation. .Sh RETURN VALUES .Rv -std .Sh ERRORS @@ -82,6 +86,9 @@ exceeded bytes. .It Bq Er ENOENT The named file or a component of the path name does not exist. +.It Bq Er ENOTTY +.Ar path +is not associated with a tty special device. .It Bq Er EACCES Search permission is denied for a component of the path prefix. .It Bq Er ELOOP diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 12c4a9942c89..a9c54315572c 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.240 2015/11/14 22:23:22 deraadt Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.241 2015/11/16 18:25:18 deraadt Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -2828,6 +2828,8 @@ sys_revoke(struct proc *p, void *v, register_t *retval) if ((error = namei(&nd)) != 0) return (error); vp = nd.ni_vp; + if (!(vp->v_flag & VISTTY)) + return (ENOTTY); if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, p)) != 0) goto out; if (p->p_ucred->cr_uid != vattr.va_uid &&