Hi, On Sat, Mar 05, 2016 at 11:34:22PM +0100, Giovanni Bechis wrote: > Hi, > first try to add pledge(2) support to misc/memcached (only slightly tested), > if I try to put the pledge(2) call before the process dies with syscall 105. > Is this acceptable or should I try to move the pledge(2) code above (before > event_init(3) ) ?
The common usage of pledge(2) is too put the call after initialization. Only in some specials cases it is useful to started pledged early. In the case of memcached, which is a network daemon, the "bad things" could occurs when memcached starts to reply to the world. You have placed the pledge(2) call at same place of drop_privileges() (only used for solaris, it seems). So I would saying it is the right place to call it. But as I don't know privileges(5) under solaris, I couldn't comment on differences between the promises you made with pledge(2) and the ones with setppriv. For commenting on promises (I just read a bit of memcached code), I think the promises are incompatible with pid_file usage (file unlinked at stop time, see memcached.c:5732), and as the rc.d script seems to use it, in default configuration, memcached will be killed when stopping. It will need "cpath" for calling unlink(2). I don't have checked the code more deeply. Thanks. -- Sebastien Marie
