Diffstat (limited to 'crypto/openssh/sandbox-capsicum.c')
-rw-r--r--crypto/openssh/sandbox-capsicum.c30
1 files changed, 6 insertions, 24 deletions
diff --git a/crypto/openssh/sandbox-capsicum.c b/crypto/openssh/sandbox-capsicum.c
index 11045251c885..9c329aa2ec63 100644
--- a/crypto/openssh/sandbox-capsicum.c
+++ b/crypto/openssh/sandbox-capsicum.c
@@ -45,8 +45,8 @@
*/
struct ssh_sandbox {
- struct monitor *monitor;
- pid_t child_pid;
+ int m_recvfd;
+ int m_log_sendfd;
};
struct ssh_sandbox *
@@ -54,15 +54,10 @@ ssh_sandbox_init(struct monitor *monitor)
{
struct ssh_sandbox *box;
- /*
- * Strictly, we don't need to maintain any state here but we need
- * to return non-NULL to satisfy the API.
- */
debug3("%s: preparing capsicum sandbox", __func__);
box = xcalloc(1, sizeof(*box));
- box->monitor = monitor;
- box->child_pid = 0;
-
+ box->m_recvfd = monitor->m_recvfd;
+ box->m_log_sendfd = monitor->m_log_sendfd;
return box;
}
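Review bot: `ssh_sandbox_init` now dereferences `monitor` and copies `m_recvfd` and `m_log_sendfd` by value, so the rights limits in `ssh_sandbox_child` apply to whatever descriptor numbers were current at init time. If the monitor's descriptors can be closed or reopened between the two calls (not visible in this diff), the limits would land on a stale or unrelated descriptor. The removed comment should be replaced with one stating that assumption, for example `/* Snapshot the monitor fds; they must stay open and unchanged until ssh_sandbox_child(). */`. The same commit removes `ssh_sandbox_parent_finish`, which held the only visible `free(box)`, so the comment could also say who owns the allocation.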
@@ -100,11 +95,11 @@ ssh_sandbox_child(struct ssh_sandbox *box)
fatal("can't limit stderr: %m");
cap_rights_init(&rights, CAP_READ, CAP_WRITE);
- if (cap_rights_limit(box->monitor->m_recvfd, &rights) < 0 &&
+ if (cap_rights_limit(box->m_recvfd, &rights) < 0 &&
errno != ENOSYS)
fatal("%s: failed to limit the network socket", __func__);
cap_rights_init(&rights, CAP_WRITE);
- if (cap_rights_limit(box->monitor->m_log_sendfd, &rights) < 0 &&
+ if (cap_rights_limit(box->m_log_sendfd, &rights) < 0 &&
errno != ENOSYS)
fatal("%s: failed to limit the logging socket", __func__);
if (cap_enter() < 0 && errno != ENOSYS)
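Review bot: Both rewritten `cap_rights_limit` checks still accept `ENOSYS` without logging anything, so on a kernel without Capsicum support the network and logging sockets keep their full rights and the child carries on as if sandboxed. A `debug` line on that path, or a comment stating that running unsandboxed is intended there, would make the fallback visible to whoever reads the logs. The two `fatal` messages also omit the errno text that the stderr message above them includes; `fatal("%s: failed to limit the network socket: %m", __func__);` would match it. The body of `ssh_sandbox_child` starts before this hunk and continues past it.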
@@ -112,17 +107,4 @@ ssh_sandbox_child(struct ssh_sandbox *box)
}
-void
-ssh_sandbox_parent_finish(struct ssh_sandbox *box)
-{
- free(box);
- debug3("%s: finished", __func__);
-}
-
-void
-ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
-{
- box->child_pid = child_pid;
-}
-
#endif /* SANDBOX_CAPSICUM */