On Tue, Oct 20, 2015 at 12:18:07PM +0200, Theo Buehler wrote:
> On Tue, Oct 20, 2015 at 11:45:59AM +0200, Jan Stary wrote:
> > My script(1) just got killed with
> >
> > script(15938): syscall 37
>
> Can you provide a reproducible test case? What did you do?
>
syscall 37 is SYS_kill:
$ grep 37 /usr/include/sys/syscall.h
#define SYS_kill 37
[...]
the script(1) source has two calls for kill(2):
$ grep -R kill /usr/src/usr.bin/script
/usr/src/usr.bin/script/script.c: killpg(pgrp, SIGWINCH);
/usr/src/usr.bin/script/script.c: (void)kill(0, SIGTERM);
The second one should be permitted with "stdio": it is a kill to self.
But the first one will be forbidden with the current peldge requests.
This one is in handlesigwinch() function, which is an handler for
SIGWINCH signal, in order to "forward" a received signal to
subprocesses.
So script(1) needs "proc" request to be able to do that.
It could be reproduced easily with tmux(1): inside a tmux session, start
script, and create a new-window (Ctrl+B "): tmux will send SIGWINCH
signal to the script process for telling it "beware, your window size
has changed". And the script process will (try to) send forward this
signal to subprocess.
Here a diff with add "proc" to script(1).
OK ?
--
Sebastien Marie
Index: script.c
===================================================================
RCS file: /cvs/src/usr.bin/script/script.c,v
retrieving revision 1.31
diff -u -p -r1.31 script.c
--- script.c 9 Oct 2015 01:37:08 -0000 1.31
+++ script.c 20 Oct 2015 11:36:55 -0000
@@ -165,7 +165,7 @@ main(int argc, char *argv[])
sa.sa_handler = finish;
(void)sigaction(SIGCHLD, &sa, NULL);
- if (pledge("stdio tty", NULL) == -1)
+ if (pledge("stdio proc tty", NULL) == -1)
err(1, "pledge");
(void)fclose(fscript);
@@ -251,7 +251,7 @@ dooutput(void)
sa.sa_handler = SIG_IGN;
(void)sigaction(SIGCHLD, &sa, NULL);
- if (pledge("stdio", NULL) == -1)
+ if (pledge("stdio proc", NULL) == -1)
err(1, "pledge");
value.it_interval.tv_sec = 30;
