Should we consider applying this diff to upstream to avoid the
maintenance issue?
Thanks,
Bryan
> On Dec 20, 2015, at 8:31 AM, David Coppa <dco...@gmail.com> wrote:
>
>> On Sun, Dec 20, 2015 at 2:02 PM, Theo Buehler <t...@math.ethz.ch> wrote:
>> I understand that pledging a port adds complexity to its maintenance
>> and I am not convinced the patch below should be committed to the ports
>> tree.
>>
>> However, since there appears to be a considerable numer of users of i3
>> among OpenBSD users, there might be some interest in this patch, so I'd
>> like to share it. I'd need some positive test reports to be persuaded
>> to try to upstream this.
>
> Please refactor your diff on a very current -current, I've committed
> an update for i3 yesterday...
>
> And please also protect the pledge code with "#if defined(__OpenBSD__)"
>
> Ciao!
> David
>
>> I'm running variations of this patch for about three weeks now.
>>
>> Note that i3status is not included. It is not currently possible to
>> pledge this program without severly cutting down its features.
>>
>> Index: x11/i3/Makefile
>> ===================================================================
>> RCS file: /cvs/ports/x11/i3/Makefile,v
>> retrieving revision 1.98
>> diff -u -p -r1.98 Makefile
>> --- x11/i3/Makefile 4 Oct 2015 08:48:12 -0000 1.98
>> +++ x11/i3/Makefile 20 Dec 2015 12:47:01 -0000
>> @@ -3,6 +3,7 @@
>> COMMENT = improved dynamic tiling window manager
>>
>> DISTNAME = i3-4.11
>> +REVISION = 0
>> CATEGORIES = x11
>>
>> EXTRACT_SUFX = .tar.bz2
>> Index: x11/i3/patches/patch-i3-msg_main_c
>> ===================================================================
>> RCS file: x11/i3/patches/patch-i3-msg_main_c
>> diff -N x11/i3/patches/patch-i3-msg_main_c
>> --- /dev/null 1 Jan 1970 00:00:00 -0000
>> +++ x11/i3/patches/patch-i3-msg_main_c 20 Dec 2015 12:47:01 -0000
>> @@ -0,0 +1,16 @@
>> +$OpenBSD$
>> +
>> +pledge for i3-msg:
>> +rpath and unix needed for talking to the i3 socket in /tmp
>> +
>> +--- i3-msg/main.c.orig Sun Dec 6 01:38:41 2015
>> ++++ i3-msg/main.c Sun Dec 6 01:39:44 2015
>> +@@ -119,6 +119,8 @@ static yajl_callbacks reply_callbacks = {
>> + };
>> +
>> + int main(int argc, char *argv[]) {
>> ++ if (pledge("stdio rpath unix", NULL) == -1)
>> ++ err(EXIT_FAILURE, "pledge");
>> + char *env_socket_path = getenv("I3SOCK");
>> + if (env_socket_path)
>> + socket_path = sstrdup(env_socket_path);
>> Index: x11/i3/patches/patch-i3-nagbar_main_c
>> ===================================================================
>> RCS file: /cvs/ports/x11/i3/patches/patch-i3-nagbar_main_c,v
>> retrieving revision 1.7
>> diff -u -p -r1.7 patch-i3-nagbar_main_c
>> --- x11/i3/patches/patch-i3-nagbar_main_c 4 Oct 2015 08:48:12 -0000
>> 1.7
>> +++ x11/i3/patches/patch-i3-nagbar_main_c 20 Dec 2015 12:47:01 -0000
>> @@ -1,6 +1,14 @@
>> $OpenBSD: patch-i3-nagbar_main_c,v 1.7 2015/10/04 08:48:12 dcoppa Exp $
>> +
>> +surprisingly wide pledge for this program
>> +
>> +wpath cpath for writing a script
>> +rpath getpw for checking access permissions
>> +proc exec for executing the script
>> +unix for talking to the i3 socket
>> +
>> --- i3-nagbar/main.c.orig Wed Sep 30 08:55:10 2015
>> -+++ i3-nagbar/main.c Fri Oct 2 16:58:54 2015
>> ++++ i3-nagbar/main.c Sun Dec 6 01:23:02 2015
>> @@ -170,7 +170,7 @@ static void handle_button_release(xcb_connection_t *co
>> }
>>
>> @@ -9,4 +17,14 @@ $OpenBSD: patch-i3-nagbar_main_c,v 1.7 2
>> + sasprintf(&terminal_cmd, "${X11BASE}/bin/xterm -e %s", link_path);
>> printf("argv0 = %s\n", argv0);
>> printf("terminal_cmd = %s\n", terminal_cmd);
>> +
>> +@@ -464,6 +464,9 @@ int main(int argc, char *argv[]) {
>> +
>> + font = load_font(pattern, true);
>> + set_font(&font);
>> ++
>> ++ if (pledge("stdio rpath wpath cpath getpw proc exec unix", NULL) == -1)
>> ++ err(EXIT_FAILURE, "pledge");
>> +
>> + xcb_rectangle_t win_pos = get_window_position();
>>
>> Index: x11/i3/patches/patch-i3bar_src_main_c
>> ===================================================================
>> RCS file: x11/i3/patches/patch-i3bar_src_main_c
>> diff -N x11/i3/patches/patch-i3bar_src_main_c
>> --- /dev/null 1 Jan 1970 00:00:00 -0000
>> +++ x11/i3/patches/patch-i3bar_src_main_c 20 Dec 2015 12:47:01 -0000
>> @@ -0,0 +1,18 @@
>> +$OpenBSD$
>> +
>> +stdio rpath unix for talking to the i3 socket
>> +wpath for logging
>> +proc exec to execute the bar
>> +
>> +--- i3bar/src/main.c.orig Sun Dec 6 01:08:28 2015
>> ++++ i3bar/src/main.c Sun Dec 6 01:07:08 2015
>> +@@ -95,6 +95,9 @@ int main(int argc, char **argv) {
>> + char *socket_path = getenv("I3SOCK");
>> + char *i3_default_sock_path = "/tmp/i3-ipc.sock";
>> +
>> ++ if (pledge("stdio rpath wpath proc exec unix", NULL) == -1)
>> ++ err(EXIT_FAILURE, "pledge");
>> ++
>> + /* Initialize the standard config to use 0 as default */
>> + memset(&config, '\0', sizeof(config_t));
>> +
>> Index: x11/i3/patches/patch-src_main_c
>> ===================================================================
>> RCS file: x11/i3/patches/patch-src_main_c
>> diff -N x11/i3/patches/patch-src_main_c
>> --- /dev/null 1 Jan 1970 00:00:00 -0000
>> +++ x11/i3/patches/patch-src_main_c 20 Dec 2015 12:47:01 -0000
>> @@ -0,0 +1,20 @@
>> +$OpenBSD$
>> +
>> +stdio rpath unix for talking to the i3 socket in /tmp
>> +wpath cpath are needed for the restart-in-place functionality
>> +proc exec for executing programs
>> +
>> +--- src/main.c.orig Wed Sep 30 08:55:10 2015
>> ++++ src/main.c Sun Dec 6 00:36:10 2015
>> +@@ -785,6 +785,11 @@ int main(int argc, char *argv[]) {
>> + xcb_free_pixmap(conn, pixmap);
>> + }
>> +
>> ++ /* can't pledge if shm_* calls are used */
>> ++ if (shmlog_size == 0)
>> ++ if (pledge("stdio rpath wpath cpath proc exec unix", NULL) == -1)
>> ++ err(EXIT_FAILURE, "pledge");
>> ++
>> + struct sigaction action;
>> +
>> + action.sa_sigaction = handle_signal;
>
