I think we should go with Josh's original diff, without the commentary. I'll commit.
As for the entries not documented in the manual page, the process goes like this:
1. grep the tree for the programs that use it
2. read kern_pledge.c or lower-level code to find out what operations are permitted
3. summarize in around 20 words -- descriptions are intentionally vague on the details, but strong on the concept, so that yeah, the 3rd step is the hard part.

Josh Rickmar <joshrick...@outlook.com> wrote:
> I was surprised to find that ps -O pledge did not list the pledge
> promise names in the same order as the pledge(2) manpage. Besides
> lacking consistency, this was also making it difficult to quickly find
> which promises are not granted to a process which requires most of
> them (e.g. chrome).
>
> I figure that the manpage is probably the more consulted reference,
> and the order that is preferred, so the patch below reorders the
> promise names in pledge.h to match.
>
> There were three promises which are not documented in pledge(2):
> disklabel, drm, and vmm. I've just left these at the end.
>
> diff 3484b12ed58f55deb62bd2fb604ec61c1292c8c7 /usr/src
> blob - 6dce461fadda1a98cbe3508a747c0688a0d548ce
> file + sys/sys/pledge.h
> --- sys/sys/pledge.h
> +++ sys/sys/pledge.h
> @@ -76,42 +76,42 @@ static const struct { > uint64_t bits; > const char *name; > } pledgenames[] = { > + { PLEDGE_STDIO, "stdio" }, > { PLEDGE_RPATH, "rpath" }, > { PLEDGE_WPATH, "wpath" }, > { PLEDGE_CPATH, "cpath" }, > - { PLEDGE_STDIO, "stdio" }, > + { PLEDGE_DPATH, "dpath" }, > { PLEDGE_TMPPATH, "tmppath" }, > - { PLEDGE_DNS, "dns" }, > { PLEDGE_INET, "inet" }, > + { PLEDGE_MCAST, "mcast" }, > + { PLEDGE_FATTR, "fattr" }, > + { PLEDGE_CHOWNUID, "chown" }, > { PLEDGE_FLOCK, "flock" }, > { PLEDGE_UNIX, "unix" }, > - { PLEDGE_ID, "id" }, > - { PLEDGE_TAPE, "tape" }, > + { PLEDGE_DNS, "dns" }, > { PLEDGE_GETPW, "getpw" }, > - { PLEDGE_PROC, "proc" }, > - { PLEDGE_SETTIME, "settime" }, > - { PLEDGE_FATTR, "fattr" }, > - { PLEDGE_PROTEXEC, "prot_exec" }, > - { PLEDGE_TTY, "tty" }, > { PLEDGE_SENDFD, "sendfd" }, > { PLEDGE_RECVFD, "recvfd" }, > + { PLEDGE_TAPE, "tape" }, > + { PLEDGE_TTY, "tty" }, > + { PLEDGE_PROC, "proc" }, > { PLEDGE_EXEC, "exec" }, > - { PLEDGE_ROUTE, "route" }, > - { PLEDGE_MCAST, "mcast" }, > - { PLEDGE_VMINFO, "vminfo" }, > + { PLEDGE_PROTEXEC, "prot_exec" }, > + { PLEDGE_SETTIME, "settime" }, > { PLEDGE_PS, "ps" }, > - { PLEDGE_DISKLABEL, "disklabel" }, > + { PLEDGE_VMINFO, "vminfo" }, > + { PLEDGE_ID, "id" }, > { PLEDGE_PF, "pf" }, > + { PLEDGE_ROUTE, "route" }, > + { PLEDGE_WROUTE, "wroute" }, > { PLEDGE_AUDIO, "audio" }, > - { PLEDGE_DPATH, "dpath" }, > - { PLEDGE_DRM, "drm" }, > - { PLEDGE_VMM, "vmm" }, > - { PLEDGE_CHOWNUID, "chown" }, > + { PLEDGE_VIDEO, "video" }, > { PLEDGE_BPF, "bpf" }, > - { PLEDGE_ERROR, "error" }, > - { PLEDGE_WROUTE, "wroute" }, > { PLEDGE_UNVEIL, "unveil" }, > - { PLEDGE_VIDEO, "video" }, > + { PLEDGE_ERROR, "error" }, > + { PLEDGE_DISKLABEL, "disklabel" }, > + { PLEDGE_DRM, "drm" }, > + { PLEDGE_VMM, "vmm" }, > { 0, NULL }, > }; > #endif >
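Review bot: nothing in the hunk records that pledgenames[] now follows the pledge(2) order, so the next promise added will land wherever and the table drifts again; a one-line comment above the array (e.g. /* keep in the same order as pledge(2) */) would make the intent survive future edits. The reorder itself is a pure permutation: 36 entries before, 36 after (matching the -76,42 +76,42 header), every { PLEDGE_*, "name" } pair unchanged, so the only behavioural effect is the order in which ps -O pledge prints names. The three entries parked at the end (disklabel, drm, vmm) are there only because pledge(2) does not yet describe them; once they are documented, following the grep/kern_pledge.c/summarize steps in the reply above, they should be moved to their documented position rather than left as a trailing exception.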
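As an added example, not code from this thread or from the OpenBSD tree: a small C program that checks that the reorder in the patch above is a pure permutation of the table (same names, no entry lost or duplicated) and shows why the order of a { bits, name } table decides the order in which a ps(1)-style printer emits promise names. The bit values are hypothetical (1ULL shifted by the entry's position in the old table) standing in for the PLEDGE_* macros, and the comma separator is this example's formatting choice, not ps(1)'s.

```c
/*
 * Added example: verify that reordering a { bits, name } table such as
 * pledgenames[] in sys/sys/pledge.h changes only output order, never the
 * set of bits/names.  Bit values are hypothetical stand-ins for PLEDGE_*.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct pname { uint64_t bits; const char *name; };

/* Order of pledgenames[] before the diff ('-' and context lines). */
static const char *const old_order[] = {
	"rpath", "wpath", "cpath", "stdio", "tmppath", "dns", "inet", "flock",
	"unix", "id", "tape", "getpw", "proc", "settime", "fattr", "prot_exec",
	"tty", "sendfd", "recvfd", "exec", "route", "mcast", "vminfo", "ps",
	"disklabel", "pf", "audio", "dpath", "drm", "vmm", "chown", "bpf",
	"error", "wroute", "unveil", "video", NULL
};
/* Order after the diff ('+' and context lines). */
static const char *const new_order[] = {
	"stdio", "rpath", "wpath", "cpath", "dpath", "tmppath", "inet", "mcast",
	"fattr", "chown", "flock", "unix", "dns", "getpw", "sendfd", "recvfd",
	"tape", "tty", "proc", "exec", "prot_exec", "settime", "ps", "vminfo",
	"id", "pf", "route", "wroute", "audio", "video", "bpf", "unveil",
	"error", "disklabel", "drm", "vmm", NULL
};

static size_t
list_len(const char *const *l)
{
	size_t n = 0;
	while (l[n] != NULL)
		n++;
	return n;
}

static size_t
count_in(const char *const *l, const char *name)
{
	size_t n = 0;
	for (; *l != NULL; l++)
		if (strcmp(*l, name) == 0)
			n++;
	return n;
}

/* Hypothetical bit for a promise: its position in old_order; 0 if unknown. */
static uint64_t
bit_of(const char *name)
{
	size_t i;
	for (i = 0; old_order[i] != NULL; i++)
		if (strcmp(old_order[i], name) == 0)
			return 1ULL << i;
	return 0;
}

/* 1 if b is exactly a reordering of a (same length, no missing/duplicate). */
static int
is_permutation(const char *const *a, const char *const *b)
{
	size_t i;
	if (list_len(a) != list_len(b))
		return 0;
	for (i = 0; a[i] != NULL; i++)
		if (count_in(a, a[i]) != 1 || count_in(b, a[i]) != 1)
			return 0;
	return 1;
}

/* Walk a NULL-terminated table like a ps(1)-style printer: names come out
 * in table order, comma separated.  Returns the number of names written. */
static int
render(const struct pname *tbl, uint64_t mask, char *buf, size_t len)
{
	int n = 0, w;
	size_t used = 0;
	buf[0] = '\0';
	for (; tbl->name != NULL; tbl++) {
		if ((mask & tbl->bits) == 0)
			continue;
		w = snprintf(buf + used, len - used, "%s%s", n ? "," : "", tbl->name);
		if (w < 0 || (size_t)w >= len - used)
			break;
		used += (size_t)w;
		n++;
	}
	return n;
}

/* Build a table in the given order and render `mask` into a static buffer. */
static const char *
render_str(const char *const *order, uint64_t mask)
{
	static char buf[512];
	struct pname tbl[65];		/* 64 possible bits + terminator */
	size_t i, n = list_len(order);
	if (n > 64)
		return NULL;
	for (i = 0; i < n; i++) {
		tbl[i].bits = bit_of(order[i]);
		tbl[i].name = order[i];
	}
	tbl[n].bits = 0;
	tbl[n].name = NULL;
	render(tbl, mask, buf, sizeof buf);
	return buf;
}

static uint64_t
demo_mask(void)	/* a process holding three promises */
{
	return bit_of("stdio") | bit_of("rpath") | bit_of("inet");
}

int
main(void)
{
	printf("pure permutation: %s\n", is_permutation(old_order, new_order) ? "yes" : "no");
	printf("old table order: %s\n", render_str(old_order, demo_mask()));
	printf("new table order: %s\n", render_str(new_order, demo_mask()));
	return 0;
}
```

The same mask renders as "rpath,stdio,inet" with the old table and "stdio,rpath,inet" with the new one, which is exactly the difference the patch is after: the bits a process holds are untouched, only the position of each name in the table moves.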