Re: devel/fossil: uses pledge() [upstream support / and broken]
On Sun, Mar 25, 2018 at 02:19:59PM -0400, James Turner wrote: > As it seems this is only trigger when the default permissions on the > .fossil file is changed I think we are fine for the 6.3 release. Also > considering the tree was just locked :). I agree. pledge() is enforced only on "fossil status" command, and the violation occurs due to umask change between first fossil(1) run (which created ~/.fossil) and next ones. It seems sqlite3 library (fossil is based on it) will enforce some permission on temporary journal file .fossil-journal to be same as .fossil. > I would suggested submitting a bug upstream letting them know they need > the additional pledge when they try to chmod the file back if it gets > changed. I sent a mail yesterday on the fossil-users@ list, but it didn't poped. I subscribed to the list and resent it this morning. > I'll add the # pledge comment on the next update I commit, thanks for > the heads up on that. Thanks. -- Sebastien Marie
Re: [NEW] rtptools
On 2018/03/25 16:15, Jan Stary wrote: > This is the latest release of RTP tools, > a set of tools to parse, process and send RTP data. > > Jan > # $OpenBSD$ COMMENT = process RTP data DISTNAME = rtptools-1.22 CATEGORIES =net telephony HOMEPAGE = http://www.cs.columbia.edu/irt/software/rtptools/ MASTER_SITES = ${HOMEPAGE}/download/ MAINTAINER =Jan Stary# BSD PERMIT_PACKAGE_CDROM = Yes WANTLIB = c SEPARATE_BUILD =Yes CONFIGURE_STYLE = gnu .include This needs to look a lot more like the other Makefiles in the tree.
Re: devel/fossil: uses pledge() [upstream support / and broken]
As it seems this is only trigger when the default permissions on the .fossil file is changed I think we are fine for the 6.3 release. Also considering the tree was just locked :). I would suggested submitting a bug upstream letting them know they need the additional pledge when they try to chmod the file back if it gets changed. I'll add the # pledge comment on the next update I commit, thanks for the heads up on that. On Sun, Mar 25, 2018 at 09:23:14AM +0200, Sebastien Marie wrote: > Hi, > > I just found (hard way) that devel/fossil has upstream support for > pledge(2). > > It would be preferable to mark it on Makefile. > > $ grep -R pledge . > ./fossil-2.5/auto.def:cc-check-functions pledge > ./fossil-2.5/src/checkin.c: fossil_pledge("stdio rpath wpath cpath id flock > tty chown"); > ./fossil-2.5/src/config.h:** The pledge() interface is currently only > available on OpenBSD 5.9 > ./fossil-2.5/src/config.h:** and later. Make calls to fossil_pledge() no-ops > on all platforms > ./fossil-2.5/src/config.h:# define fossil_pledge(A) > ./fossil-2.5/src/util.c:** Interface to pledge() on OpenBSD 5.9 and later. > ./fossil-2.5/src/util.c:** On platforms that have pledge(), use this routine. > ./fossil-2.5/src/util.c:void fossil_pledge(const char *promises){ > ./fossil-2.5/src/util.c: if( pledge(promises, 0) ){ > ./fossil-2.5/src/util.c:fossil_fatal("pledge(\"%s\",NULL) fails with > errno=%d", > ./fossil-2.5/www/changes.wiki: * Initial infrastructure is in place to make > use of the pledge() > ./fossil-2.5/auto.def.orig:cc-check-functions pledge > > > And I am tracing the problem, before reporting the bug upstream... > > I dunno how to deal with it currently: the version we have in ports is > broken... should we just disable the check for release (and ship an > unpledged but working executable) ? > > The provided diff just adds the pledge() marker. > > > Regarding the pledge() problem: > > The 'status' command trigger it. > > $ fossil status > ... > Abort trap (core dumped) > > $ dmesg | tail -1 > fossil[75892]: pledge "fattr", syscall 124 > > $ kdump > 8372 fossil CALL > open(0x10e760b8169f,0x10202,0644 ) > 8372 fossil NAMI "/home/semarie/.fossil-journal" > 8372 fossil RET open 6 > 8372 fossil CALL fstat(6,0x7f7ea210) > 8372 fossil STRU struct stat { dev=1047, ino=289569, mode=-rw-r- , > nlink=1, uid=1000<"semarie">, gid=1000<"semarie">, rdev=0, > atime=1521962119<"Mar 25 09:15:19 2018">.594806497, mtime=1521962119<"Mar 25 > 09:15:19 2018">.594806497, ctime=1521962119<"Mar 25 09:15:19 > 2018">.594806497, size=0, blocks=0, blksize=16384, flags=0x0, gen=0x0 } > 8372 fossil RET fstat 0 > 8372 fossil CALL fchmod(6,0644 ) > 8372 fossil PLDG fchmod, "fattr", errno 1 Operation not permitted > 8372 fossil PSIG SIGABRT SIG_DFL > 8372 fossil NAMI "fossil.core" > > > -- > Sebastien Marie > > Index: Makefile > === > RCS file: /cvs/ports/devel/fossil/Makefile,v > retrieving revision 1.62 > diff -u -p -r1.62 Makefile > --- Makefile9 Feb 2018 19:42:45 - 1.62 > +++ Makefile25 Mar 2018 07:12:29 - > @@ -18,6 +18,7 @@ PERMIT_PACKAGE_CDROM =Yes > FLAVORS= static > FLAVOR?= > > +# uses pledge() > WANTLIB = c crypto fuse m ssl z > > MODULES = lang/tcl -- James Turner
Re: devel/fossil: uses pledge() [upstream support / and broken]
On Sun, Mar 25, 2018 at 02:32:05PM -0400, James Turner wrote: > On Mon, Mar 26, 2018 at 06:30:16AM +1300, Carlin Bingham wrote: > > On Sun, Mar 25, 2018 at 09:23:14AM +0200, Sebastien Marie wrote: > > > Hi, > > > > > > [ ... ] > > > > > > Regarding the pledge() problem: > > > > > > The 'status' command trigger it. > > > > > > $ fossil status > > > ... > > > Abort trap (core dumped) > > > > > > $ dmesg | tail -1 > > > fossil[75892]: pledge "fattr", syscall 124 > > > > > > $ kdump > > > 8372 fossil CALL > > > open(0x10e760b8169f,0x10202,0644 ) > > > 8372 fossil NAMI "/home/semarie/.fossil-journal" > > > 8372 fossil RET open 6 > > > 8372 fossil CALL fstat(6,0x7f7ea210) > > > 8372 fossil STRU struct stat { dev=1047, ino=289569, mode=-rw-r- > > > , nlink=1, uid=1000<"semarie">, gid=1000<"semarie">, rdev=0, > > > atime=1521962119<"Mar 25 09:15:19 2018">.594806497, mtime=1521962119<"Mar > > > 25 09:15:19 2018">.594806497, ctime=1521962119<"Mar 25 09:15:19 > > > 2018">.594806497, size=0, blocks=0, blksize=16384, flags=0x0, gen=0x0 } > > > > I can replicate this by setting umask 027. The permissions of that file > > are usually mode=-rw-r--r-- and it seems if it's altered by umask it > > tries to call fchmod to set them back and then dies. > > > > > > -- > > Carlin > > Up and it looks like this has already been fixed upstream. > http://fossil-scm.org/index.html/info/396513fa4a6f8da8 > Sorry, I linked to a chown commit not one related to chmod. This is probably still a bug. -- James Turner
Re: devel/fossil: uses pledge() [upstream support / and broken]
On Mon, Mar 26, 2018 at 06:30:16AM +1300, Carlin Bingham wrote: > On Sun, Mar 25, 2018 at 09:23:14AM +0200, Sebastien Marie wrote: > > Hi, > > > > [ ... ] > > > > Regarding the pledge() problem: > > > > The 'status' command trigger it. > > > > $ fossil status > > ... > > Abort trap (core dumped) > > > > $ dmesg | tail -1 > > fossil[75892]: pledge "fattr", syscall 124 > > > > $ kdump > > 8372 fossil CALL > > open(0x10e760b8169f,0x10202,0644 ) > > 8372 fossil NAMI "/home/semarie/.fossil-journal" > > 8372 fossil RET open 6 > > 8372 fossil CALL fstat(6,0x7f7ea210) > > 8372 fossil STRU struct stat { dev=1047, ino=289569, mode=-rw-r- , > > nlink=1, uid=1000<"semarie">, gid=1000<"semarie">, rdev=0, > > atime=1521962119<"Mar 25 09:15:19 2018">.594806497, mtime=1521962119<"Mar > > 25 09:15:19 2018">.594806497, ctime=1521962119<"Mar 25 09:15:19 > > 2018">.594806497, size=0, blocks=0, blksize=16384, flags=0x0, gen=0x0 } > > I can replicate this by setting umask 027. The permissions of that file > are usually mode=-rw-r--r-- and it seems if it's altered by umask it > tries to call fchmod to set them back and then dies. > > > -- > Carlin Up and it looks like this has already been fixed upstream. http://fossil-scm.org/index.html/info/396513fa4a6f8da8 -- James Turner
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: lan...@cvs.openbsd.org 2018/03/25 12:25:22 Modified files: mail/mozilla-thunderbird: Makefile distinfo mail/thunderbird-i18n: Makefile.inc distinfo Log message: Update to thunderbird 52.7.2. Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/ Discussed with sthen@ & naddy@
Ports tree locked
The ports tree is now locked for the 6.3 release. We still want to get in the latest Mozilla point releases. If anything else really important pops up, talk to sthen and me. -- Christian "naddy" Weisgerber na...@mips.inka.de
Re: devel/fossil: uses pledge() [upstream support / and broken]
On Sun, Mar 25, 2018 at 09:23:14AM +0200, Sebastien Marie wrote: > Hi, > > [ ... ] > > Regarding the pledge() problem: > > The 'status' command trigger it. > > $ fossil status > ... > Abort trap (core dumped) > > $ dmesg | tail -1 > fossil[75892]: pledge "fattr", syscall 124 > > $ kdump > 8372 fossil CALL > open(0x10e760b8169f,0x10202,0644 ) > 8372 fossil NAMI "/home/semarie/.fossil-journal" > 8372 fossil RET open 6 > 8372 fossil CALL fstat(6,0x7f7ea210) > 8372 fossil STRU struct stat { dev=1047, ino=289569, mode=-rw-r- , > nlink=1, uid=1000<"semarie">, gid=1000<"semarie">, rdev=0, > atime=1521962119<"Mar 25 09:15:19 2018">.594806497, mtime=1521962119<"Mar 25 > 09:15:19 2018">.594806497, ctime=1521962119<"Mar 25 09:15:19 > 2018">.594806497, size=0, blocks=0, blksize=16384, flags=0x0, gen=0x0 } I can replicate this by setting umask 027. The permissions of that file are usually mode=-rw-r--r-- and it seems if it's altered by umask it tries to call fchmod to set them back and then dies. -- Carlin
[NEW] rtptools
This is the latest release of RTP tools, a set of tools to parse, process and send RTP data. Jan rtptools.tar Description: Unix tar archive
aarch64 bulk build report
bulk build on arm64.ports.openbsd.org started on Wed Mar 21 07:19:17 MDT 2018 finished at Sun Mar 25 06:47:14 MDT 2018 lasted 04D16h27m done with kern.version=OpenBSD 6.3 (GENERIC.MP) #32: Tue Mar 20 15:50:20 MDT 2018 built packages:8131 Mar 21:2049 Mar 22:1521 Mar 23:1181 Mar 24:3063 Mar 25:316 build failures: 71 http://build-failures.rhaalovely.net//aarch64/2018-03-21/audio/audacity.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/comms/hylafax.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/comms/lcdproc.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/databases/gq.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/devel/arm-none-eabi/gcc-linaro,aarch64.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/devel/avr/gdb.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/devel/cln.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/devel/ode.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/devel/xdg-user-dirs.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/editors/emacs.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/editors/emacs21.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/editors/xwpe.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/editors/zile.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/emulators/dynamips.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/emulators/higan.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/emulators/retroarch.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/emulators/vbam.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/dxx-rebirth.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/eduke32.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/frozen-bubble.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/gargoyle.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/scid.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/uqm.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/vacuum.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/xteddy.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/games/zaz.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/graphics/freeimage.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/graphics/rawstudio.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/japanese/mecab.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/lang/ecl.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/lang/guile2.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/lang/pfe.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/mail/kopano/core,-mapi.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/mail/mailest.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/mail/mozilla-thunderbird,-lightning.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/math/calcoo.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/misc/rocrail.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/multimedia/mediainfo.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/multimedia/xine-lib.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/net/castget.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/net/ftpcopy.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/net/gnaughty.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/net/retroshare.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/net/ushare.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/news/pan.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/productivity/aqbanking.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/security/botan2.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/security/john-jumbo.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/security/softhsm.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/sysutils/sleuthkit.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/telephony/baresip/baresip.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/telephony/baresip/restund.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/textproc/html-xml-utils.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/textproc/link-grammar.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/www/chromium.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/www/iridium.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/www/mozplugger.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/www/newsboat.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/www/w3m,image.log http://build-failures.rhaalovely.net//aarch64/2018-03-21/www/webkit.log
sshguard 1.5-->2.1.0, daemon issues
Hi, I updated the security/sshguard port from 1.5 to 2.1.0 as that version now understands the logs that our newer version of OpenSSH outputs. The port works as it should do, but I have an issue with shutting the daemon down. "rcctl stop sshguard" simply does nothing. The "sshguard" executable is now a shell script, and it does not respond do the TERM signal properly and does not seem to propagate the signal to the helper programs that it starts. I have included the diff in an attachment. Note that the /etc/sshguard.conf file now is required (I modified the sample file so that it fits a vanilla OpenBSD system). If anyone knows how to fix this, then please let me know. Also, I know the ports tree is locked, but it would be nice to get some kind of update of sshguard into the tree when it unlocks again, possibly based on this patch. Regards, -- Andreas Kusalananda Kähäri, National Bioinformatics Infrastructure Sweden (NBIS), Uppsala University, Sweden. Index: Makefile === RCS file: /cvs/ports/security/sshguard/Makefile,v retrieving revision 1.11 diff -u -p -r1.11 Makefile --- Makefile11 Jan 2018 19:27:09 - 1.11 +++ Makefile25 Mar 2018 11:12:30 - @@ -2,8 +2,7 @@ COMMENT= protect against brute force attacks on sshd and others -DISTNAME= sshguard-1.5 -REVISION= 4 +DISTNAME= sshguard-2.1.0 CATEGORIES=security # BSD @@ -13,11 +12,20 @@ WANTLIB+= c pthread HOMEPAGE= http://www.sshguard.net/ MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=sshguard/} -EXTRACT_SUFX= .tar.bz2 +EXTRACT_SUFX= .tar.gz CONFIGURE_STYLE=gnu NO_TEST= Yes -CONFIGURE_ARGS = --with-firewall=pf +pre-install: + ${SUBST_CMD} ${WRKSRC}/doc/sshguard.8 + ${SUBST_CMD} ${WRKSRC}/examples/sshguard.conf.sample + +post-install: + ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/sshguard + ${INSTALL_DATA} ${WRKSRC}/examples/sshguard.conf.sample \ + ${PREFIX}/share/examples/sshguard + ${INSTALL_DATA} ${WRKSRC}/examples/whitelistfile.example \ + ${PREFIX}/share/examples/sshguard .include Index: distinfo === RCS file: /cvs/ports/security/sshguard/distinfo,v retrieving revision 1.3 diff -u -p -r1.3 distinfo --- distinfo27 Jan 2014 15:49:15 - 1.3 +++ distinfo25 Mar 2018 11:12:30 - @@ -1,2 +1,2 @@ -SHA256 (sshguard-1.5.tar.bz2) = tTf4dlRV/fhCT4fUvWleW2dbiOXRZIZUUhN5Rwk+fhk= -SIZE (sshguard-1.5.tar.bz2) = 303767 +SHA256 (sshguard-2.1.0.tar.gz) = ISUqSDSthAjfOE7k3fRoYkqp3pzq1a/eHHc4CkjPAoo= +SIZE (sshguard-2.1.0.tar.gz) = 1117466 Index: patches/patch-doc_sshguard_8 === RCS file: patches/patch-doc_sshguard_8 diff -N patches/patch-doc_sshguard_8 --- /dev/null 1 Jan 1970 00:00:00 - +++ patches/patch-doc_sshguard_825 Mar 2018 11:12:30 - @@ -0,0 +1,14 @@ +$OpenBSD$ + +Index: doc/sshguard.8 +--- doc/sshguard.8.orig doc/sshguard.8 +@@ -119,7 +119,7 @@ Set to enable verbose output from sshg\-blocker. + .SH FILES + .INDENT 0.0 + .TP +-.B %PREFIX%/etc/sshguard.conf ++.B ${SYSCONFDIR}/sshguard.conf + See sample configuration file. + .UNINDENT + .SH WHITELISTING Index: patches/patch-examples_sshguard_conf_sample === RCS file: patches/patch-examples_sshguard_conf_sample diff -N patches/patch-examples_sshguard_conf_sample --- /dev/null 1 Jan 1970 00:00:00 - +++ patches/patch-examples_sshguard_conf_sample 25 Mar 2018 11:12:30 - @@ -0,0 +1,31 @@ +$OpenBSD$ + +Index: examples/sshguard.conf.sample +--- examples/sshguard.conf.sample.orig examples/sshguard.conf.sample +@@ -7,9 +7,11 @@ + REQUIRED CONFIGURATION + # Full path to backend executable (required, no default) + #BACKEND="/usr/local/libexec/sshg-fw-iptables" ++BACKEND="${TRUEPREFIX}/libexec/sshg-fw-pf" + + # Space-separated list of log files to monitor. (optional, no default) + #FILES="/var/log/auth.log /var/log/authlog /var/log/maillog" ++FILES="/var/log/authlog" + + # Shell command that provides logs on standard output. (optional, no default) + # Example 1: ssh and sendmail from systemd journal: +@@ -40,11 +42,11 @@ DETECTION_TIME=1800 + # !! Warning: These features may not work correctly with sandboxing. !! + + # Full path to PID file (optional, no default) +-#PID_FILE=/run/sshguard.pid ++#PID_FILE=/var/run/sshguard.pid + + # Colon-separated blacklist threshold and full path to blacklist file. + # (optional, no default) +-#BLACKLIST_FILE=90:/var/lib/sshguard/enemies ++#BLACKLIST_FILE=90:/var/db/sshguard/enemies + + # IP addresses listed in the WHITELIST_FILE are considered to be + # friendlies and will never be blocked. Index: patches/patch-src_fwalls_command_c === RCS file:
devel/fossil: uses pledge() [upstream support / and broken]
Hi, I just found (hard way) that devel/fossil has upstream support for pledge(2). It would be preferable to mark it on Makefile. $ grep -R pledge . ./fossil-2.5/auto.def:cc-check-functions pledge ./fossil-2.5/src/checkin.c: fossil_pledge("stdio rpath wpath cpath id flock tty chown"); ./fossil-2.5/src/config.h:** The pledge() interface is currently only available on OpenBSD 5.9 ./fossil-2.5/src/config.h:** and later. Make calls to fossil_pledge() no-ops on all platforms ./fossil-2.5/src/config.h:# define fossil_pledge(A) ./fossil-2.5/src/util.c:** Interface to pledge() on OpenBSD 5.9 and later. ./fossil-2.5/src/util.c:** On platforms that have pledge(), use this routine. ./fossil-2.5/src/util.c:void fossil_pledge(const char *promises){ ./fossil-2.5/src/util.c: if( pledge(promises, 0) ){ ./fossil-2.5/src/util.c:fossil_fatal("pledge(\"%s\",NULL) fails with errno=%d", ./fossil-2.5/www/changes.wiki: * Initial infrastructure is in place to make use of the pledge() ./fossil-2.5/auto.def.orig:cc-check-functions pledge And I am tracing the problem, before reporting the bug upstream... I dunno how to deal with it currently: the version we have in ports is broken... should we just disable the check for release (and ship an unpledged but working executable) ? The provided diff just adds the pledge() marker. Regarding the pledge() problem: The 'status' command trigger it. $ fossil status ... Abort trap (core dumped) $ dmesg | tail -1 fossil[75892]: pledge "fattr", syscall 124 $ kdump 8372 fossil CALL open(0x10e760b8169f,0x10202,0644 ) 8372 fossil NAMI "/home/semarie/.fossil-journal" 8372 fossil RET open 6 8372 fossil CALL fstat(6,0x7f7ea210) 8372 fossil STRU struct stat { dev=1047, ino=289569, mode=-rw-r- , nlink=1, uid=1000<"semarie">, gid=1000<"semarie">, rdev=0, atime=1521962119<"Mar 25 09:15:19 2018">.594806497, mtime=1521962119<"Mar 25 09:15:19 2018">.594806497, ctime=1521962119<"Mar 25 09:15:19 2018">.594806497, size=0, blocks=0, blksize=16384, flags=0x0, gen=0x0 } 8372 fossil RET fstat 0 8372 fossil CALL fchmod(6,0644 ) 8372 fossil PLDG fchmod, "fattr", errno 1 Operation not permitted 8372 fossil PSIG SIGABRT SIG_DFL 8372 fossil NAMI "fossil.core" -- Sebastien Marie Index: Makefile === RCS file: /cvs/ports/devel/fossil/Makefile,v retrieving revision 1.62 diff -u -p -r1.62 Makefile --- Makefile9 Feb 2018 19:42:45 - 1.62 +++ Makefile25 Mar 2018 07:12:29 - @@ -18,6 +18,7 @@ PERMIT_PACKAGE_CDROM =Yes FLAVORS= static FLAVOR?= +# uses pledge() WANTLIB = c crypto fuse m ssl z MODULES = lang/tcl