> Date: Sat, 22 Nov 2025 14:13:47 +0100
> From: Jeremie Courreges-Anglas <[email protected]>
>
> Moving this to bugs@,
>
> On Thu, Nov 20, 2025 at 06:58:31AM +0000, Jason McIntyre wrote:
> > hi!
> >
> > upgrading to the latest -current snap, amd64. running daily(8):
> >
> > calendar[87882]: pledge "cpath", syscall 136
> >
> > syscall 136 seems to be "mkdir". i can't work out which script is
> > generating the warning though. it doesn;t seem to be security(8).
> >
> > the structure of my calendar files are pretty much unchanged for a
> > long time. my ~/.calendar/calendar just lists some includes, but
> > nothing i can see that might try to create a directory.
>
> As spotted by tb@ the change is related to the addition of
> setusercontext(LOGIN_SETXDGENV) and its use by default in
> LOGIN_SETALL. I doubt that calendar file processing will ever need
> the XDG_RUNTIME_DIR env variable to run, so the diff below removes
> LOGIN_SETXDGENV from the flags used. In other contexts, adding
> "wpath" may be the right thing do do.
>
> As far as I am concerned this doesn't call for dropping
> LOGIN_SETXDGENV from LOGIN_SETALL by default.
>
> Issue reproduced with an empty ~/calendar file, can't reproduce with
> the diff below. jmc, does this fix your problem?
>
> ok?
I think including LOGIN_SETXDGENV in LOGIN_SETALL was a mistake.
> Index: calendar.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/calendar/calendar.c,v
> diff -u -p -r1.37 calendar.c
> --- calendar.c 1 Feb 2019 16:22:53 -0000 1.37
> +++ calendar.c 22 Nov 2025 12:58:55 -0000
> @@ -193,7 +193,8 @@ main(int argc, char *argv[])
> (void)setpgid(getpid(), getpid());
> (void)setlocale(LC_ALL, "");
> if (setusercontext(NULL, pw, pw->pw_uid,
> - LOGIN_SETALL ^ LOGIN_SETLOGIN))
> + LOGIN_SETALL &
> + ~(LOGIN_SETLOGIN|LOGIN_SETXDGENV)))
> err(1, "unable to set user context (uid
> %u)",
> pw->pw_uid);
> if (acstat) {
>
>
> --
> jca
>
>
