On Fri, Jan 01, 2016 at 10:29:08PM -0500, Michael Reed wrote:
> Hi,
>
> `fuser -u -c /' doesn't seem to work for me:
>
> fuser(28663): syscall 33 "getpw"
>
> The patch below fixes my issue. The pledge condition was already a bit
> long, so I just switched to snprintf(3); not sure what's normally done
> in such situations.
>
When possible, we try to keep the `if conditions' and don't construct
pledge promises strings by hand. Else it would make pledge promises not
grep-able.
Could you confirm this diff resolves your problem ?
Comments ?
--
Sebastien Marie
Index: fstat.c
===================================================================
RCS file: /cvs/src/usr.bin/fstat/fstat.c,v
retrieving revision 1.85
diff -u -p -r1.85 fstat.c
--- fstat.c 30 Dec 2015 19:02:12 -0000 1.85
+++ fstat.c 2 Jan 2016 12:58:31 -0000
@@ -276,7 +276,18 @@ main(int argc, char *argv[])
errx(1, "%s", kvm_geterr(kd));
if (fuser) {
- if (sflg) { /* fuser might call kill(2) */
+ /**
+ * fuser
+ * uflg: need "getpw"
+ * sflg: need "proc" (might call kill(2))
+ */
+ if (uflg && sflg) {
+ if (pledge("stdio rpath getpw proc", NULL) == -1)
+ err(1, "pledge");
+ } else if (uflg) {
+ if (pledge("stdio rpath getpw", NULL) == -1)
+ err(1, "pledge");
+ } else if (sflg) {
if (pledge("stdio rpath proc", NULL) == -1)
err(1, "pledge");
} else {
@@ -284,6 +295,7 @@ main(int argc, char *argv[])
err(1, "pledge");
}
} else {
+ /* fstat */
if (pledge("stdio rpath getpw", NULL) == -1)
err(1, "pledge");
}
