On Sun, Dec 20, 2015 at 02:30:24PM +0100, David Coppa wrote: > On Sun, Dec 20, 2015 at 2:02 PM, Theo Buehler <t...@math.ethz.ch> wrote: > > I understand that pledging a port adds complexity to its maintenance > > and I am not convinced the patch below should be committed to the ports > > tree. > > > > However, since there appears to be a considerable number of users of i3 > > among OpenBSD users, there might be some interest in this patch, so I'd > > like to share it. I'd need some positive test reports to be persuaded > > to try to upstream this. > > Please refactor your diff on a very current -current, I've committed > an update for i3 yesterday... > > And please also protect the pledge code with "#if defined(__OpenBSD__)"
Thanks! Index: Makefile =================================================================== RCS file: /var/cvs/ports/x11/i3/Makefile,v retrieving revision 1.99 diff -u -p -r1.99 Makefile --- Makefile 18 Dec 2015 15:53:08 -0000 1.99 +++ Makefile 20 Dec 2015 14:06:08 -0000 @@ -3,7 +3,7 @@ COMMENT = improved dynamic tiling window manager DISTNAME = i3-4.11 -REVISION = 0 +REVISION = 1 CATEGORIES = x11 EXTRACT_SUFX = .tar.bz2 Index: patches/patch-i3-msg_main_c =================================================================== RCS file: patches/patch-i3-msg_main_c diff -N patches/patch-i3-msg_main_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-i3-msg_main_c 20 Dec 2015 13:52:48 -0000 @@ -0,0 +1,18 @@ +$OpenBSD$ + +pledge for i3-msg: +rpath and unix needed for talking to the i3 socket in /tmp + +--- i3-msg/main.c.orig Wed Sep 30 08:55:10 2015 ++++ i3-msg/main.c Sun Dec 20 14:42:51 2015 +@@ -119,6 +119,10 @@ static yajl_callbacks reply_callbacks = { + }; + + int main(int argc, char *argv[]) { ++#if defined(__OpenBSD__) ++ if (pledge("stdio rpath unix", NULL) == -1) ++ err(EXIT_FAILURE, "pledge"); ++#endif + char *env_socket_path = getenv("I3SOCK"); + if (env_socket_path) + socket_path = sstrdup(env_socket_path); Index: patches/patch-i3-nagbar_main_c =================================================================== RCS file: /var/cvs/ports/x11/i3/patches/patch-i3-nagbar_main_c,v retrieving revision 1.7 diff -u -p -r1.7 patch-i3-nagbar_main_c --- patches/patch-i3-nagbar_main_c 4 Oct 2015 08:48:12 -0000 1.7 +++ patches/patch-i3-nagbar_main_c 20 Dec 2015 14:05:53 -0000 
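Review bot: In the i3-msg/main.c hunk the promise set stays at "stdio rpath unix" for the whole run, although the patch header says rpath and unix are only needed to reach the i3 socket. Once the socket is connected, a second, narrower call such as `if (pledge("stdio", NULL) == -1) err(EXIT_FAILURE, "pledge");` would drop both; the rest of main() is outside the hunk, so confirm nothing after the connect still opens files. Separately, none of the four pledge hunks (this one, i3-nagbar, i3bar, src/main.c) adds an #include, so it is worth checking that `<unistd.h>` and `<err.h>` are already in scope in each file rather than relying on an implicit declaration.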
@@ -1,6 +1,14 @@ $OpenBSD: patch-i3-nagbar_main_c,v 1.7 2015/10/04 08:48:12 dcoppa Exp $ + +surprisingly wide pledge for this program + +"wpath cpath" for writing a script +"rpath getpw" for checking access permissions +"proc exec" for executing the script +"unix" for talking to the i3 socket + --- i3-nagbar/main.c.orig Wed Sep 30 08:55:10 2015 -+++ i3-nagbar/main.c Fri Oct 2 16:58:54 2015 ++++ i3-nagbar/main.c Sun Dec 20 15:00:22 2015 @@ -170,7 +170,7 @@ static void handle_button_release(xcb_connection_t *co } @@ -9,4 +17,16 @@ $OpenBSD: patch-i3-nagbar_main_c,v 1.7 2 + sasprintf(&terminal_cmd, "${X11BASE}/bin/xterm -e %s", link_path); printf("argv0 = %s\n", argv0); printf("terminal_cmd = %s\n", terminal_cmd); + +@@ -464,6 +464,11 @@ int main(int argc, char *argv[]) { + + font = load_font(pattern, true); + set_font(&font); ++ ++#if defined(__OpenBSD__) ++ if (pledge("stdio rpath wpath cpath getpw proc exec unix", NULL) == -1) ++ err(EXIT_FAILURE, "pledge"); ++#endif + + xcb_rectangle_t win_pos = get_window_position(); Index: patches/patch-i3bar_src_main_c =================================================================== RCS file: patches/patch-i3bar_src_main_c diff -N patches/patch-i3bar_src_main_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-i3bar_src_main_c 20 Dec 2015 13:52:48 -0000 
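Review bot: The per-promise rationale for the i3-nagbar pledge exists only in the ports patch header, so the C source carries an unexplained eight-promise string that would lose its justification if this is upstreamed; the same applies to the i3bar and src/main.c calls. A comment directly above the call would keep it reviewable, e.g. `/* wpath cpath: write the helper script; rpath getpw: access checks; proc exec: run the script; unix: i3 socket */`. Readers should also be told what this set does not buy: with "proc exec" granted, the program that nagbar executes starts without any pledge, and "wpath cpath" still allow creating and writing files wherever the user can, so the call constrains nagbar's own code paths rather than the script it launches. The enclosing main() begins and ends outside the hunk.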
@@ -0,0 +1,20 @@ +$OpenBSD$ + +stdio rpath unix for talking to the i3 socket +wpath for logging +proc exec to execute the bar + +--- i3bar/src/main.c.orig Wed Sep 30 08:55:10 2015 ++++ i3bar/src/main.c Sun Dec 20 14:43:24 2015 +@@ -95,6 +95,11 @@ int main(int argc, char **argv) { + char *socket_path = getenv("I3SOCK"); + char *i3_default_sock_path = "/tmp/i3-ipc.sock"; + ++#if defined(__OpenBSD__) ++ if (pledge("stdio rpath wpath proc exec unix", NULL) == -1) ++ err(EXIT_FAILURE, "pledge"); ++#endif ++ + /* Initialize the standard config to use 0 as default */ + memset(&config, '\0', sizeof(config_t)); + Index: patches/patch-src_main_c =================================================================== RCS file: /var/cvs/ports/x11/i3/patches/patch-src_main_c,v retrieving revision 1.14 diff -u -p -r1.14 patch-src_main_c --- patches/patch-src_main_c 18 Dec 2015 15:53:09 -0000 1.14 +++ patches/patch-src_main_c 20 Dec 2015 14:02:42 -0000 @@ -2,8 +2,14 @@ $OpenBSD: patch-src_main_c,v 1.14 2015/1 Bugfix: add keymap fall back (_XKB_RULES_NAMES, then defaults) +add pledge: + +"stdio rpath unix" for talking to the i3 socket in /tmp +"wpath cpath" are needed for the restart-in-place functionality +"proc exec" for executing programs + --- src/main.c.orig Wed Sep 30 08:55:10 2015 -+++ src/main.c Fri Dec 18 13:58:58 2015 ++++ src/main.c Sun Dec 20 14:58:54 2015 @@ -87,6 +87,7 @@ struct ws_assignments_head ws_assignments = TAILQ_HEAD /* We hope that those are supported and set them to true */ 
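Review bot: The "wpath" promise in the i3bar pledge is justified in the patch header only as "for logging", which is not specific enough to audit: writes to an already-open stderr are covered by "stdio", so wpath should be needed only if some code path opens a file for writing after this point. I would name the exact open in a comment next to the call, or drop the promise if testing shows it is unused, so that the set is `"stdio rpath proc exec unix"`. Because the call sits at the top of main(), before option parsing, every promise must cover the whole lifetime of the bar; the rest of main() is outside the hunk, so whether a later, narrower pledge is feasible cannot be judged from here.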
@@ -20,3 +26,17 @@ Bugfix: add keymap fall back (_XKB_RULES if (!extreply->present) { DLOG("xkb is not present on this server\n"); } else { +@@ -784,6 +786,13 @@ int main(int argc, char *argv[]) { + xcb_free_gc(conn, gc); + xcb_free_pixmap(conn, pixmap); + } ++ ++#if defined(__OpenBSD__) ++ /* can't pledge if shm_* calls are used */ ++ if (shmlog_size == 0) ++ if (pledge("stdio rpath wpath cpath proc exec unix", NULL) == -1) ++ err(EXIT_FAILURE, "pledge"); ++#endif + + struct sigaction action; +
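Review bot: The src/main.c guard only looks at shmlog_size at startup, so it does not cover shared-memory logging being switched on after the pledge has been taken. If i3 can enable shmlog at runtime (I believe an IPC `shmlog` command exists, please confirm), the shm_* calls would then violate the pledge and the kernel would kill the window manager; the runtime path should refuse to enable shmlog once pledged, or the limitation should be documented. The reverse case deserves a comment too: starting with shmlog enabled silently runs i3 with no pledge at all. As a style point, the nested unbraced `if` pair reads more safely as one condition, `if (shmlog_size == 0 && pledge("stdio rpath wpath cpath proc exec unix", NULL) == -1)`. main() continues outside the hunk.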