On Fri, Jan 29, 2016 at 04:13:20PM -0500, Michael McConville wrote:
> Sorry for disappearing.
>
> Thanks for pointing out the VCS popen. Below is a draft that
> incorporates your suggestions. Let me know if it's too fine-grained. My
> thought was that it's ideal to drop exec as early as possible.
>
Michael's patch is very nice and should definitely make it in.
Yet after speaking with upstream the other day it was made very clear to
me that upstream wants the patch in their repository. Since my upstream
patch requires a change in configure.ac (and thus a rerunning
autoreconf) I don't want to put it in ports. So my plan is:
1. Use Michael's patch until upstream releases a new version.
2. Send Michael's patch upstream.
3. Wait for new version.
4. Update port, remove old patches.
Attached below is the git patch that will go upstream. I'd appreciate
any feedback.
Regards,
Florian
diff --git a/configure.ac b/configure.ac
index 42aaf79..65293c1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -57,7 +57,7 @@ AC_CHECK_DECL([CPU_ZERO, CPU_SET], [AC_DEFINE([USE_CPU_SET],
[], [Use CPU_SET ma
AC_CHECK_MEMBER([struct dirent.d_type], [AC_DEFINE([HAVE_DIRENT_DTYPE], [],
[Have dirent struct member d_type])], [], [[#include <dirent.h>]])
AC_CHECK_MEMBER([struct dirent.d_namlen], [AC_DEFINE([HAVE_DIRENT_DNAMLEN],
[], [Have dirent struct member d_namlen])], [], [[#include <dirent.h>]])
-AC_CHECK_FUNCS(fgetln getline realpath strlcpy strndup vasprintf madvise
posix_fadvise pthread_setaffinity_np)
+AC_CHECK_FUNCS(fgetln getline realpath strlcpy strndup vasprintf madvise
posix_fadvise pthread_setaffinity_np pledge)
AC_CONFIG_FILES([Makefile the_silver_searcher.spec])
AC_CONFIG_HEADERS([src/config.h])
diff --git a/src/main.c b/src/main.c
index 4d0e623..1551c0d 100644
--- a/src/main.c
+++ b/src/main.c
@@ -35,6 +35,12 @@ int main(int argc, char **argv) {
int workers_len;
int num_cores;
+#ifdef HAVE_PLEDGE
+ if (pledge("stdio rpath proc exec", NULL) < 0) {
+ die("pledge: %s", strerror(errno));
+ }
+#endif
+
set_log_level(LOG_LEVEL_WARN);
work_queue = NULL;
@@ -156,6 +162,12 @@ int main(int argc, char **argv) {
log_debug("No CPU affinity support.");
#endif
}
+
+#ifdef HAVE_PLEDGE
+ if (pledge("stdio rpath", NULL) < 0) {
+ die("pledge: %s", strerror(errno));
+ }
+#endif
for (i = 0; paths[i] != NULL; i++) {
log_debug("searching path %s for %s", paths[i], opts.query);
symhash = NULL;
diff --git a/src/options.c b/src/options.c
index 6bc5b18..bcd452e 100644
--- a/src/options.c
+++ b/src/options.c
@@ -600,6 +600,12 @@ void parse_options(int argc, char **argv, char
**base_paths[], char **paths[]) {
}
}
+#ifdef HAVE_PLEDGE
+ if (opts.skip_vcs_ignores && pledge("stdio rpath proc", NULL) < 0) {
+ die("pledge: %s", strerror(errno));
+ }
+#endif
+
if (help) {
usage();
exit(0);
@@ -659,6 +665,12 @@ void parse_options(int argc, char **argv, char
**base_paths[], char **paths[]) {
}
}
+#ifdef HAVE_PLEDGE
+ if (pledge("stdio rpath proc", NULL) < -1) {
+ die("pledge: %s", strerror(errno));
+ }
+#endif
+
if (opts.context > 0) {
opts.before = opts.context;
opts.after = opts.context;
