hello.
I am running a chrooted apache with php and symon/syweb, all working
fine by this point.
Trying to run in in a systrace-constrained environment I stumble upon
this error :
# systrace -A /usr/sbin/httpd
# syntax error
Parse error.
systrace: Filter generation error: filename eq "/bin/sh" and argv eq
"sh -c /bin/rrdtool graph
/symon/cache/1157027400_f585107777cabcbe4d2a641ba7a6f07a '-v bits/s'
'-t if(ath0) of hub' '-w 300' '-h 225' '-s -86400' '-e -1'
'DEF:in=/symon/rrds/hub/if_ath0.rrd:ibytes:AVERAGE'
'DEF:out=/symon/rrds/hub/if_ath0.rrd:obytes:AVERAGE'
'DEF:inp=/symon/rrds/hub/if_ath0.rrd:ipackets:AVERAGE'
'DEF:outp=/symon/rrds/hub/if_ath0.rrd:opackets:AVERAGE'
'DEF:coll=/symon/rrds/hub/if_ath0.rrd:collisions:AVERAGE'
'CDEF:nodata=in,UN,0,*' 'CDEF:inb=in,8,*' 'CDEF:outb=out,8,*'
'CDEF:noutb=outb,-1,*' 'CDEF:pmax=inb,100,/,102,*'
'CDEF:nmax=noutb,100,/,102,*' 'CDEF:totp=inp,outp,+'
'CDEF:per=coll,totp,/,100,*' 'CDEF:p0=per,0,EQ,INF,0,IF'
'CDEF:p10=per,10,LE,INF,0,IF,per,1,GT,INF,0,IF,MIN'
'CDEF:p20=per,20,LE,INF,0,IF,per,10,GT,INF,0,IF,MIN'
'CDEF:p30=per,30,LE,INF,0,IF,per,20,GT,INF,0,IF,MIN'
'CDEF:p40=per,40,LE,INF,0,IF,per,30,GT,INF,0,IF,MIN'
'CDEF:p50=per,50,LE,INF,0,IF,per,40,GT,INF,0,IF,MIN'
'CDEF:p60=per,60,LE,INF,0,IF,per,50,GT,INF,0,IF,MIN'
'CDEF:p70=per,70,LE,INF,0,IF,per,60,GT,INF,0,IF,MIN'
'CDEF:p80=per,80,LE,INF,0,IF,per,70,GT,INF,0,IF,MIN'
'CDEF:p90=per,80,LE,INF,0,IF,per,80,GT,INF,0,IF,MIN'
'CDEF:p100=per,100,LE,INF,0,IF,per,90,GT,INF,0,IF,MIN'
'CDEF:n0=p0,-1,*' 'CDEF:n10=p10,-1,*' 'CDEF:n20=p20,-1,*'
'CDEF:n30=p30,-1,*' 'CDEF:n40=p40,-1,*' 'CDEF:n50=p50,-1,*'
'CDEF:n60=p60,-1,*' 'CDEF:n70=p70,-1,*' 'CDEF:n80=p80,-1,*'
'CDEF:n90=p90,-1,*' 'CDEF:n100=p100,-1,*' 'LINE1:pmax' 'LINE1:nmax'
'COMMENT: min avg max last\\n'
'LINE1:nodata#FF0000' 'AREA:inb#00FF00:in ' 'GPRINT:inb:MIN: %6.2lf
%sbps' 'GPRINT:inb:AVERAGE:%6.2lf %sbps' 'GPRINT:inb:MAX:%6.2lf %sbps'
'GPRINT:inb:LAST:%6.2lf %sbps\\n' 'STACK:p0#FAFFFA' 'STACK:p10#FFFFE6'
'STACK:p20#FFD900' 'STACK:p30#FD6724' 'STACK:p40#E61800'
'STACK:p50#AB2934' 'STACK:p60#B2888B' 'STACK:p70#CC91BA'
'STACK:p80#6A2990' 'STACK:p90#0571B0' 'STACK:p100#000000'
'AREA:noutb#00FFFF:out ' 'GPRINT:outb:MIN:%6.2lf %sbps'
'GPRINT:outb:AVERAGE:%6.2lf %sbps' 'GPRINT:outb:MAX:%6.2lf %sbps'
'GPRINT:outb:
which happens when I try to browse through the symon statistics page.
systrace/httpd terminates, so I cannot have a fully working auto-made
systrace policy.
Is that a bug?
dmesg following
OpenBSD 4.0-beta (GENERIC) #1039: Wed Aug 2 12:10:09 MDT 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel Pentium III ("GenuineIntel" 686-class) 799 MHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE
real mem = 267993088 (261712K)
avail mem = 236920832 (231368K)
using 3297 buffers containing 13504512 bytes (13188K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(e0) BIOS, date 03/13/00, BIOS32 rev. 0 @
0xf0680, SMBIOS rev. 2.3 @ 0xf1d30 (42 entries)
bios0: ASUSTeK Computer INC. P3V133
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf0000/0xd02
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf0c80/128 (6 entries)
pcibios0: PCI Interrupt Router at 000:04:0 ("VIA VT82C586 ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0x8000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "VIA VT82C691 PCI" rev 0x44
ppb0 at pci0 dev 1 function 0 "VIA VT82C598 AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "S3 ViRGE GX2" rev 0x04
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 4 function 0 "VIA VT82C596A ISA" rev 0x23
pciide0 at pci0 dev 4 function 1 "VIA VT82C571 IDE" rev 0x10: ATA66,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0: <ST3200826A>
wd0: 16-sector PIO, LBA48, 190782MB, 390721968 sectors
wd1 at pciide0 channel 0 drive 1: <ST3200826A>
wd1: 16-sector PIO, LBA48, 190782MB, 390721968 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4
wd1(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 4
wd2 at pciide0 channel 1 drive 0: <Maxtor 6Y200P0>
wd2: 16-sector PIO, LBA48, 194481MB, 398297088 sectors
wd2(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4
"VIA VT82C596 Power" rev 0x30 at pci0 dev 4 function 3 not configured
vr0 at pci0 dev 9 function 0 "VIA VT6105 RhineIII" rev 0x8b: irq 10,
address 00:0d:61:02:15:33
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 9: OUI
0x004063, model 0x0034
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
lm0 at isa0 port 0x290/8: W83781D
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
biomask eb65 netmask ef65 ttymask ffe7
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matches BIOS drive 0x80
dkcsum: wd1 matches BIOS drive 0x81
dkcsum: wd2 matches BIOS drive 0x82
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
