Re: [dev] pledge(2) patches

From: Kamil Cholewiński <>
Date: Wed, 18 May 2016 21:07:43 +0200

On Wed, 18 May 2016, Marc André Tanner <> wrote:
> Independent of whether the functionality is desired, you probably want
> to implement it along the lines of:
> #ifndef __OpenBSD__
> int pledge(const char *promises, const char *paths[]) { return 0; }
> #endif
> This way you won't clutter all the call sites and they are at least
> compile tested on all platforms.

Excellent point, changed.

I can imagine most of pledge could be implemented on Linux using
SecComp... But that'd probably be bigger than dwm itself.

> Also because you always die upon failure you might want to introduce
> an xpledge(...) wrapper which could also print a more descriptive error
> message (pledging for which resource failed).

Like this is ok?

xpledge(const char *promises, const char *paths[])
        if (pledge(promises, paths) < 0) {
                die("dwm: tried to pledge: %s\n", promises);

Attached the new diff for dwm, I will modify the rest if this one looks


Received on Wed May 18 2016 - 21:07:43 CEST

This archive was generated by hypermail 2.3.0 : Wed May 18 2016 - 21:12:10 CEST