I would like to be able to call chroot(2) in a program that uses pledge(2).
The following (untested) patch makes this possible as part of the
"rpath" promise.
Does this seem like a reasonable idea?
--- sys/kern/kern_pledge.c Thu Jun 29 00:10:07 2017
+++ sys/kern/kern_pledge.c.with_chroot Mon Jul 17 22:32:43 2017
@@ -292,6 +292,7 @@
[SYS_execve] = PLEDGE_EXEC,
[SYS_chdir] = PLEDGE_RPATH,
+ [SYS_chroot] = PLEDGE_RPATH,
[SYS_openat] = PLEDGE_RPATH | PLEDGE_WPATH,
[SYS_fstatat] = PLEDGE_RPATH | PLEDGE_WPATH,
[SYS_faccessat] = PLEDGE_RPATH | PLEDGE_WPATH,
