Hi, Ray Lai <r...@raylai.com> writes: > > On Sun, 5 Jun 2016 21:41:54 +0800 > Ray Lai <r...@raylai.com> wrote: > > > On Sun, 5 Jun 2016 14:10:25 +0200 > > Sebastien Marie <sema...@openbsd.org> wrote: > > > - does the patch maintained locally or by upstream ? if it is only > > > locally, I would kept it as simple as possible. > > > > > > with only one pledge call, it is really simple to understand what is > > > pledged and what it isn't. so it is more simple to maintain later > > > (because code changes on the time). > > > > Okay, you've convinced me. > > > > > > +# uses pledge() > > > > > > it is a bit a minimal comment... :-) > > > > > > some additionnal elements for helping maintainer later: > > > > > > uses pledge(): > > > - inet dns: just for tcpopen() call. once done, no need anymore > > > network stuff. > > > > > > - rpath wpath cpath dpath: ii(1) will create directory structure and > > > fifos on demand (when joining a new channel for example). > > > > Thanks! I just copied from other pledge'd ports, but from the few > > examples I found, they just had one line. (I'm copy-and-paste slacker.) > > Missing rpath, sorry:
This breaks ucspi flavor. Here is a new one that works. ii-ucspi/pledge(2): ucspi take care of ii network capabilities, so ii doesn't need more "inet dns" itself, then I've pledged. I've tested both and works just fine. btw I'll work to add pledge(2) support upstream. Index: Makefile =================================================================== RCS file: /cvs/ports/net/ii/Makefile,v retrieving revision 1.13 diff -u -p -r1.13 Makefile --- Makefile 21 May 2016 05:31:38 -0000 1.13 +++ Makefile 5 Jun 2016 23:02:56 -0000 @@ -3,7 +3,7 @@ COMMENT= minimalist IRC client DISTNAME= ii-1.7 -REVISION= 2 +REVISION= 3 CATEGORIES= net HOMEPAGE= http://tools.suckless.org/ii Index: patches/patch-config_mk =================================================================== RCS file: patches/patch-config_mk diff -N patches/patch-config_mk Index: patches/sslpatch-ii_c =================================================================== RCS file: patches/sslpatch-ii_c diff -N patches/sslpatch-ii_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/sslpatch-ii_c 5 Jun 2016 23:02:56 -0000 @@ -0,0 +1,44 @@ +$OpenBSD$ + +http://git.suckless.org/ii/commit/?id=f79e2f09534d92a6fe4e062b06449a925fef1c41 + +uses pledge(): + - stdio rpath wpath cpath dpath: ii(1) will create directory + structure and fifos on demand (when joining a new channel for + example). + +--- ii.c.orig Sat Jan 5 10:15:13 2013 ++++ ii.c Sun Jun 5 19:35:00 2016 +@@ -410,7 +410,7 @@ static void handle_server_output() { + } + + static void run() { +- Channel *c; ++ Channel *c, *n; + int r, maxfd; + fd_set rd; + struct timeval tv; +@@ -447,9 +447,11 @@ static void run() { + handle_server_output(); + last_response = time(NULL); + } +- for(c = channels; c; c = c->next) ++ for(c = channels; c; c = n) { ++ n = c->next; + if(FD_ISSET(c->fd, &rd)) + handle_channels_input(c); ++ } + } + } + +@@ -480,6 +482,10 @@ int main(int argc, char *argv[]) { + } + } + irc = tcpopen(port); ++ ++ if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) ++ err(1, "pledge"); ++ + if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) { + fputs("ii: path to irc directory too long\n", stderr); + exit(EXIT_FAILURE); Index: patches/ucspipatch-ii_c =================================================================== RCS file: patches/ucspipatch-ii_c diff -N patches/ucspipatch-ii_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/ucspipatch-ii_c 5 Jun 2016 23:02:56 -0000 @@ -0,0 +1,44 @@ +$OpenBSD$ + +http://git.suckless.org/ii/commit/?id=f79e2f09534d92a6fe4e062b06449a925fef1c41 + +uses pledge(): + - stdio rpath wpath cpath dpath: ii(1) will create directory + structure and fifos on demand (when joining a new channel for + example). + +--- ii.c.orig Sun Jun 5 19:36:53 2016 ++++ ii.c Sun Jun 5 19:44:16 2016 +@@ -386,7 +386,7 @@ static void handle_server_output() { + } + + static void run() { +- Channel *c; ++ Channel *c, *n; + int r, maxfd; + fd_set rd; + struct timeval tv; +@@ -423,9 +423,11 @@ static void run() { + handle_server_output(); + last_response = time(NULL); + } +- for(c = channels; c; c = c->next) ++ for(c = channels; c; c = n) { ++ n = c->next; + if(FD_ISSET(c->fd, &rd)) + handle_channels_input(c); ++ } + } + } + +@@ -455,6 +457,10 @@ int main(int argc, char *argv[]) { + default: usage(); break; + } + } ++ ++ if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) ++ err(1, "pledge"); ++ + if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) { + fputs("ii: path to irc directory too long\n", stderr); + exit(EXIT_FAILURE);