> To isolate it, can you try changing your shell to something from ports
> and see if it does the same?
>
> panic: ni_pledge
>
> running process is sh
>
> trace:
> panic
> pledge_namei
> namei
> emul_find
> linux_elf_probe
> exec_elf32_makecmds
> check_exec
> sys_execve
> syscall
This diff might help. That specific panic was put into pledge for
the specific purpose of finding such missing initializations as we
transition towards tighter namei handling in pledge.
Index: compat/common/compat_util.c
===================================================================
RCS file: /cvs/src/sys/compat/common/compat_util.c,v
retrieving revision 1.16
diff -u -p -u -r1.16 compat_util.c
--- compat/common/compat_util.c 14 Mar 2015 03:38:46 -0000 1.16
+++ compat/common/compat_util.c 5 Nov 2015 16:54:54 -0000
@@ -105,6 +105,7 @@ emul_find(struct proc *p, caddr_t *sgp,
*cp = '\0';
NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, buf, p);
+ nid.ni_pledge = PLEDGE_EXEC;
if ((error = namei(&nd)) != 0)
goto bad;
@@ -112,6 +113,7 @@ emul_find(struct proc *p, caddr_t *sgp,
*cp = '/';
} else {
NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, buf, p);
+ nid.ni_pledge = PLEDGE_EXEC;
if ((error = namei(&nd)) != 0)
goto bad;
@@ -126,6 +128,7 @@ emul_find(struct proc *p, caddr_t *sgp,
*/
/* XXX: prototype should have const here for NDINIT */
NDINIT(&ndroot, LOOKUP, FOLLOW, UIO_SYSSPACE, prefix, p);
+ nid.ni_pledge = PLEDGE_EXEC;
if ((error = namei(&ndroot)) != 0)
goto bad2;
