Hello,
Upstream Spectrwm is working on a pledge version, test are welcome.
Diff attached.
Thanks!
--
Sending from my toaster.
Index: Makefile
===================================================================
RCS file: /cvs/ports/x11/spectrwm/Makefile,v
retrieving revision 1.25
diff -u -p -r1.25 Makefile
--- Makefile 9 Sep 2018 14:00:00 -0000 1.25
+++ Makefile 25 Sep 2018 07:04:28 -0000
@@ -10,6 +10,7 @@ GH_ACCOUNT= conformal
GH_PROJECT= spectrwm
DISTNAME= ${GH_PROJECT}-${V}
CATEGORIES= x11
+REVISION= 0
HOMEPAGE= https://github.com/conformal/spectrwm/
MAINTAINER= Gonzalo L. R. <[email protected]>
@@ -17,8 +18,8 @@ MAINTAINER= Gonzalo L. R. <gonzalo@open
# BSD
PERMIT_PACKAGE_CDROM= Yes
-WANTLIB += X11 X11-xcb Xcursor Xft c util xcb xcb-util xcb-icccm
-WANTLIB += xcb-keysyms xcb-randr xcb-xtest
+WANTLIB += X11 X11-xcb Xcursor Xft c util xcb xcb-icccm xcb-keysyms
+WANTLIB += xcb-randr xcb-util xcb-xinput xcb-xtest
NO_TEST= Yes
Index: patches/patch-Makefile
===================================================================
RCS file: /cvs/ports/x11/spectrwm/patches/patch-Makefile,v
retrieving revision 1.8
diff -u -p -r1.8 patch-Makefile
--- patches/patch-Makefile 9 Sep 2018 14:47:14 -0000 1.8
+++ patches/patch-Makefile 25 Sep 2018 07:04:28 -0000
@@ -8,7 +8,7 @@ Index: Makefile
#CFLAGS+=-DSWM_DENY_CLOCK_FORMAT
CPPFLAGS+= -I${X11BASE}/include -I${X11BASE}/include/freetype2
-LDADD+=-lutil -L${X11BASE}/lib -lX11 -lX11-xcb -lxcb-util -lxcb-icccm
-lxcb-keysyms -lxcb-randr -lxcb-xtest -lXft -lXcursor
-+LDADD+=-lutil -L${X11BASE}/lib -lX11 -lX11-xcb -lxcb -lxcb-util -lxcb-icccm
-lxcb-keysyms -lxcb-randr -lxcb-xtest -lXft -lXcursor
++LDADD+=-lutil -L${X11BASE}/lib -lX11 -lX11-xcb -lxcb-util -lxcb-icccm
-lxcb-keysyms -lxcb-randr -lxcb-xinput -lxcb-xtest -lXft -lXcursor
BUILDVERSION != sh "${.CURDIR}/buildver.sh"
.if !${BUILDVERSION} == ""
CPPFLAGS+= -DSPECTRWM_BUILDSTR=\"$(BUILDVERSION)\"
Index: patches/patch-spectrwm_c
===================================================================
RCS file: /cvs/ports/x11/spectrwm/patches/patch-spectrwm_c,v
retrieving revision 1.9
diff -u -p -r1.9 patch-spectrwm_c
--- patches/patch-spectrwm_c 9 Sep 2018 14:00:00 -0000 1.9
+++ patches/patch-spectrwm_c 25 Sep 2018 07:04:28 -0000
@@ -2,7 +2,26 @@ $OpenBSD: patch-spectrwm_c,v 1.9 2018/09
Index: spectrwm.c
--- spectrwm.c.orig
+++ spectrwm.c
-@@ -291,7 +291,7 @@ uint32_t swm_debug = 0
+@@ -54,6 +54,9 @@
+ #include <fcntl.h>
+ #include <locale.h>
+ #include <paths.h>
++#if !defined(__OpenBSD__)
++#include "pledge.h"
++#endif
+ #include <pwd.h>
+ #include <regex.h>
+ #include <signal.h>
+@@ -75,7 +78,7 @@
+ #include <xcb/xcb_event.h>
+ #include <xcb/xcb_icccm.h>
+ #include <xcb/xcb_keysyms.h>
+-#if defined(__linux__) || defined(__FreeBSD__)
++#if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__)
+ #include <xcb/xinput.h>
+ #define SWM_XCB_HAS_XINPUT
+ #endif
+@@ -291,7 +294,7 @@ uint32_t swm_debug = 0
#define SWM_CONF_KEYMAPPING (1)
#ifndef SWM_LIB
@@ -11,3 +30,33 @@ Index: spectrwm.c
#endif
char **start_argv;
+@@ -3880,6 +3883,9 @@ spawn(int ws_idx, union arg *args, bool close_fd)
+ if (args == NULL || args->argv[0] == NULL)
+ return;
+
++ if (pledge("stdio proc exec", NULL) == -1)
++ err(1, "pledge");
++
+ DNPRINTF(SWM_D_MISC, "%s\n", args->argv[0]);
+
+ close(xcb_get_file_descriptor(conn));
+@@ -12469,6 +12475,9 @@ main(int argc, char *argv[])
+ if (setlocale(LC_CTYPE, "") == NULL || setlocale(LC_TIME, "") == NULL)
+ warnx("no locale support");
+
++ if (pledge("stdio rpath proc exec getpw dns unix", NULL) == -1)
++ err(1, "pledge");
++
+ /* handle some signals */
+ bzero(&sact, sizeof(sact));
+ sigemptyset(&sact.sa_mask);
+@@ -12499,6 +12508,9 @@ main(int argc, char *argv[])
+ pwd = getpwuid(getuid());
+ if (pwd == NULL)
+ errx(1, "invalid user: %d", getuid());
++
++ if (pledge("stdio rpath proc exec", NULL) == -1)
++ err(1, "pledge");
+
+ xcb_grab_server(conn);
+ xcb_aux_sync(conn);
