> > Must say the forking and piping seems to be a bit silly for a program
> > like this. Certainly adds alot of complexity. Why not simply call
> > opendev up front for each filesystem, creating a list of names and
> > filedescriptors before you pledge, and then iterate over that list
> > afterwards?
> >
> > KISS
>
> I don't think that is a simple refactoring.
>
> And, file descriptor limits.
>
> The other option is to not pledge. But the pledge has a real purpose
> here, to protect the program against hostile input from the disk.
> dumpfs(8) is similar to file(1), a program one runs to make sure
> something you got isn't hostile. Same reason I added pledge to fsck
> and family.
>
> Oddly, the synopsis for dumpfs does not say it supports multiple optarg.
cd /dev
ktrace dumpfs * > /dev/null
kdump | grep ' open' | grep CALL | wc -l
1186
Meanwhile, the default for root is
openfiles 128
Yes a bit silly. But I don't think substantial resource preallocation
is the answer here.
