I decided late in an application's life to start using pledge, so I put a call in at the top and started running it and adding the requirements reported by dmesg on each iteration.
Eventually it reported that the tty promise was breached so I added that and it reported again that the tty promise was breached. From GDB the relevant part of the stack trace is: (gdb) bt #0 ioctl () at /tmp/-:2 #1 0x606521cbcd89301f in ?? () #2 0x000003089d94d4a2 in drmGetVersion (fd=8) at /usr/xenocara/lib/libdrm/mk/libdrm/../../xf86drm.c:708 #3 0x00000308b1d3b7e1 in loader_get_driver_for_fd (fd=8) at /usr/xenocara/lib/mesa/mk/libloader/../../src/loader/loader.c:108 #4 0x00000308b1d02ed6 in dri3_create_screen (screen=0, priv=Unhandled dwarf expression opcode 0xa3) at /usr/xenocara/lib/mesa/mk/libGL/../../src/glx/dri3_glx.c:829 #5 0x00000308b1cf5956 in __glXInitialize (dpy=0x3083034c000) at /usr/xenocara/lib/mesa/mk/libGL/../../src/glx/glxext.c:800 #6 0x00000308b1d080a5 in glXQueryVersion (dpy=Unhandled dwarf expression opcode 0xa3) at /usr/xenocara/lib/mesa/mk/libGL/../../src/glx/glxcmds.c:483 loader_get_driver_for_fd is calling: drmVersionPtr version = drmGetVersion(fd); xf86drm.c at line 708 is in drmIoctl which I presume is the result of some preprocessor magic, calling: ret = ioctl(fd, request, arg); dmesg reports (many times with different PID, same syscall): turtle[32350]: pledge "tty", syscall 54 Clearly pledge is correct: whatever 'request' has this ioctl doing doesn't use the tty promise (fd is probably the X connection). The problem here is the error report in dmesg that the breach is in something which is already included in the list of promises ("stdio inet unix rpath recvfd tty", NULL). I shall continue investigating to get my application to work and follow up if I find anything useful but I hope this is enough information for somebody familiar with the implementation of pledge to quickly figure out where its, or my, misunderstanding is. Cheers, Matthew