Hi, I uses OpenBSD and it seems you added pledge(2) support in latest release (2.5).
I encountered a pledge() violation while using 'fossil status' command. OpenBSD provides: This is fossil version 2.5 [188a0e2904] 2018-02-07 18:48:14 UTC But I reproduce the violation using tip: This is fossil version 2.5 [1336c4af8a] 2018-03-23 15:37:22 UTC I started a thread on po...@openbsd.org mailing-list too: https://marc.info/?l=openbsd-ports&m=152196264519554&w=2 $ cd ~/repos/fossil-scm $ fossil up ------------------------------------------------------------------------------- checkout: 1336c4af8a016772a8221632eb2e8983635bcbb9 2018-03-23 15:37:22 UTC tags: trunk comment: Disable the SQLite automatic index warning on non-debug builds. (user: drh) changes: None. Already up-to-date $ fossil status repository: /home/semarie/repos/fossil-scm/../fossil-scm.fossil local-root: /home/semarie/repos/fossil-scm/ config-db: /home/semarie/.fossil checkout: 1336c4af8a016772a8221632eb2e8983635bcbb9 2018-03-23 15:37:22 UTC parent: 55a3316b627d3ade86faad8de691358468912492 2018-03-23 14:00:18 UTC tags: trunk comment: Disable the SQLite automatic index warning on non-debug builds. (user: drh) Abort trap (core dumped) The 'Abort trap' is due to a pledge(2) violation. $ dmesg | tail -1 fossil[88938]: pledge "fattr", syscall 124 fossil tries to use a "fattr" promise using syscall fchmod(2) (SYS_fchmod 124). By using ktrace, the syscalls context is: $ ktrace -di fossil status ... Abort trap (core dumped) $ kdump ... 49004 fossil CALL open(0xfd21ac9ae9f,0x10202<O_RDWR|O_CREAT|O_CLOEXEC>,0644<S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH>) 49004 fossil NAMI "/home/semarie/.fossil-journal" 49004 fossil RET open 6 49004 fossil CALL fstat(6,0x7f7ffffbb430) 49004 fossil STRU struct stat { dev=1047, ino=289569, mode=-rw-r----- , nlink=1, uid=1000<"semarie">, gid=1000<"semarie">, rdev=0, atime=1521962119<"Mar 25 09:15:19 2018">.594806497, mtime=1521962119<"Mar 25 09:15:19 2018">.594806497, ctime=1521962119<"Mar 25 09:15:19 2018">.594806497, size=0, blocks=0, blksize=16384, flags=0x0, gen=0x0 } 49004 fossil RET fstat 0 49004 fossil CALL fchmod(6,0644<S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH>) 49004 fossil PLDG fchmod, "fattr", errno 1 Operation not permitted 49004 fossil PSIG SIGABRT SIG_DFL 49004 fossil NAMI "fossil.core" So the pledge violation was the fchmod(x, 0644) on ~/.fossil-journal The gdb backtrace: $ gdb ./fossil fossil.core (gdb) bt #0 fchmod () at -:3 #1 0x000007e2799298b2 in robust_open (z=0x7e4e34b2e9f "/home/semarie/.fossil-journal", f=514, m=420) at ./src/sqlite3.c:31676 #2 0x000007e27990f335 in unixOpen (pVfs=0x7e279db8990, zPath=0x7e4e34b2e9f "/home/semarie/.fossil-journal", pFile=0x7e4e34b2e30, flags=2054, pOutFlags=0x0) at ./src/sqlite3.c:36903 #3 0x000007e2799366e4 in pager_write (pPg=0x7e514f295a8) at ./src/sqlite3.c:21161 #4 0x000007e27995574d in sqlite3BtreeDelete (pCur=0x7e4917e50f0, flags=4 '\004') at ./src/sqlite3.c:54962 #5 0x000007e27994a1db in sqlite3VdbeExec (p=Variable "p" is not available. ) at ./src/sqlite3.c:85589 #6 0x000007e27991584f in sqlite3_step (pStmt=0x7e4917e5518) at ./src/sqlite3.c:79307 #7 0x000007e279822ad5 in db_multi_exec (zSql=Variable "zSql" is not available. ) at db.c:578 #8 0x000007e279826b60 in db_record_repository_filename (zName=Variable "zName" is not available. ) at db.c:2582 #9 0x000007e27981611e in status_cmd () at checkin.c:554 #10 0x000007e279858e46 in main (argc=Variable "argc" is not available. ) at main.c:759 Current language: auto; currently asm Adding 'fattr' to allow fchmod in ./src/checkin.c solves the violation. $ fossil diff Index: src/checkin.c ================================================================== --- src/checkin.c +++ src/checkin.c @@ -472,11 +472,11 @@ const char *zIgnoreFlag = find_option("ignore", 0, 1); unsigned scanFlags = 0; unsigned flags = 0; int vid, i; - fossil_pledge("stdio rpath wpath cpath id flock tty chown"); + fossil_pledge("stdio rpath wpath cpath fattr id flock tty chown"); /* Load affirmative flag options. */ for( i=0; i<count(flagDefs); ++i ){ if( (command==CHANGES || !(flagDefs[i].mask & C_CLASSIFY)) && find_option(flagDefs[i].option, 0, 0) ){ The problem is sqlite3 will use fchmod to change permission on ~/.fossil-journal in some cases, for example when umask has changed between ~/.fossil creation and the run. So "fattr" should be allowed too. $ umask 027 $ rm ~/.fossil{,-journal} $ ls -l ~/.fossil{,-journal} ls: /home/semarie/.fossil: No such file or directory ls: /home/semarie/.fossil-journal: No such file or directory $ fossil status repository: /data/semarie/repos/fossil-scm/../fossil-scm.fossil local-root: /data/semarie/repos/fossil-scm/ config-db: /home/semarie/.fossil checkout: 1336c4af8a016772a8221632eb2e8983635bcbb9 2018-03-23 15:37:22 UTC parent: 55a3316b627d3ade86faad8de691358468912492 2018-03-23 14:00:18 UTC tags: trunk comment: Disable the SQLite automatic index warning on non-debug builds. (user: drh) $ ls -l ~/.fossil{,-journal} ls: /home/semarie/.fossil-journal: No such file or directory -rw-r----- 1 semarie semarie 12288 Mar 26 06:42 /home/semarie/.fossil $ umask 077 $ fossil status repository: /data/semarie/repos/fossil-scm/../fossil-scm.fossil local-root: /data/semarie/repos/fossil-scm/ config-db: /home/semarie/.fossil checkout: 1336c4af8a016772a8221632eb2e8983635bcbb9 2018-03-23 15:37:22 UTC parent: 55a3316b627d3ade86faad8de691358468912492 2018-03-23 14:00:18 UTC tags: trunk comment: Disable the SQLite automatic index warning on non-debug builds. (user: drh) Abort trap (core dumped) $ ls -l ~/.fossil{,-journal} -rw-r----- 1 semarie semarie 12288 Mar 26 06:44 /home/semarie/.fossil -rw------- 1 semarie semarie 0 Mar 26 06:45 /home/semarie/.fossil-journal Thanks. -- Sebastien Marie _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
