Contributed by pitrh on from the untamed pledges dept.
CVSROOT: /cvs
Module name: src
Changes by: deraadt@cvs.openbsd.org 2015/10/08 19:17:21
Modified files:
    sys/sys : syscall_mi.h
    sys/conf : files
    sys/kern : sys_generic.c
Added files:
    sys/kern : kern_pledge.c
Removed files:
    sys/kern : kern_tame.c
Log message:
Rename tame() to pledge(). This fairly interface has evolved to be more strict than anticipated. It allows a programmer to pledge/promise/covenant that their program will operate within an easily defined subset of the Unix environment, or it pays the price.
But of course a renaming comes with more work to be committed. One of the early entries in a series of followups was this one:
Modified files:
    lib/libc : Symbols.list
    lib/libc/sys : Makefile.inc
Added files:
    lib/libc/sys : pledge.2 tame.c
Removed files:
    lib/libc/sys : tame.2
Log message:
tame -> pledge conversion, in libc. I should crank libc, but am cheating hoping things go well. The old symbol is faked via a stupid stub function, until next major crank when it can be removed. I am expecting guenther to scream at me.
Some followups only touched one file, like this one:
CVSROOT: /cvs
Module name: src
Changes by: deraadt@cvs.openbsd.org 2015/10/08 19:26:40
Modified files:
    include : unistd.h
Log message:
tame -> pledge.
while others were seemingly more extensive, like this one, with the long list of base system programs that have been successfully converted to use the interface:
CVSROOT: /cvs
Module name: src
Changes by: deraadt@cvs.openbsd.org 2015/10/08 19:37:10
Modified files:
    bin/cat : cat.c
    bin/chmod : chmod.c
    bin/cp : cp.c
    bin/date : date.c
    bin/dd : dd.c
    bin/df : df.c
    bin/echo : echo.c
    bin/ed : main.c
    bin/expr : expr.c
    bin/ls : ls.c
    bin/md5 : md5.c
    bin/mkdir : mkdir.c
    bin/ps : print.c ps.1
    bin/pwd : pwd.c
    bin/rm : rm.c
    bin/rmdir : rmdir.c
    bin/sleep : sleep.c
    bin/test : test.c
    sbin/dmesg : dmesg.c
    sbin/ping : ping.c
    sbin/ping6 : ping6.c
    usr.bin/banner : banner.c
    usr.bin/basename: basename.c
    usr.bin/cal : cal.c
    usr.bin/col : col.c
    usr.bin/colrm : colrm.c
    usr.bin/column : column.c
    usr.bin/comm : comm.c
    usr.bin/compress: main.c
    usr.bin/csplit : csplit.c
    usr.bin/ctags : ctags.c
    usr.bin/cut : cut.c
    usr.bin/dc : dc.c
    usr.bin/deroff : deroff.c
    usr.bin/diff : diff.c
    usr.bin/diff3 : diff3prog.c
    usr.bin/dirname: dirname.c
    usr.bin/expand : expand.c
    usr.bin/fgen : fgen.l
    usr.bin/file : file.c
    usr.bin/find : find.c
    usr.bin/finger : finger.c
    usr.bin/fmt : fmt.c
    usr.bin/fold : fold.c
    usr.bin/from : from.c
    usr.bin/getopt : getopt.c
    usr.bin/grep : grep.c
    usr.bin/head : head.c
    usr.bin/hexdump: hexdump.c
    usr.bin/htpasswd: htpasswd.c
    usr.bin/id : id.c
    usr.bin/indent : indent.c
    usr.bin/join : join.c
    usr.bin/jot : jot.c
    usr.bin/kdump : kdump.c ktrstruct.c
    usr.bin/lam : lam.c
    usr.bin/lastcomm: lastcomm.c
    usr.bin/leave : leave.c
    usr.bin/lock : lock.c
    usr.bin/logger : logger.c
    usr.bin/logname: logname.c
    usr.bin/look : look.c
    usr.bin/make : main.c
    usr.bin/mktemp : mktemp.c
    usr.bin/nl : nl.c
    usr.bin/nm : nm.c
    usr.bin/openssl: openssl.c
    usr.bin/paste : paste.c
    usr.bin/patch : patch.c
    usr.bin/pr : pr.c
    usr.bin/printenv: printenv.c
    usr.bin/printf : printf.c
    usr.bin/readlink: readlink.c
    usr.bin/rev : rev.c
    usr.bin/rs : rs.c
    usr.bin/script : script.c
    usr.bin/sed : main.c
    usr.bin/signify: signify.c
    usr.bin/split : split.c
    usr.bin/ssh/sshd: Makefile
    usr.bin/stat : stat.c
    usr.bin/tail : tail.c
    usr.bin/tee : tee.c
    usr.bin/tftp : main.c
    usr.bin/touch : touch.c
    usr.bin/tr : tr.c
    usr.bin/tty : tty.c
    usr.bin/uname : uname.c
    usr.bin/unifdef: unifdef.c
    usr.bin/uniq : uniq.c
    usr.bin/units : units.c
    usr.bin/unvis : unvis.c
    usr.bin/users : users.c
    usr.bin/uudecode: uudecode.c
    usr.bin/uuencode: uuencode.c
    usr.bin/vis : vis.c
    usr.bin/wc : wc.c
    usr.bin/what : what.c
    usr.bin/who : who.c
    usr.bin/whois : whois.c
    usr.bin/write : write.c
    usr.sbin/acpidump: acpidump.c
    usr.sbin/arp : arp.c
    usr.sbin/bgpd : rde.c session.c
    usr.sbin/ntpd : ntp_dns.c ntpd.c
    usr.sbin/portmap: portmap.c
    usr.sbin/tcpdump: privsep.c tcpdump.c
    usr.sbin/traceroute: traceroute.c
Added files:
    usr.bin/ssh : sandbox-pledge.c
Removed files:
    usr.bin/ssh : sandbox-tame.c
Log message:
Change all tame callers to namechange to pledge(2).
The renaming touched several other commits, and we should expect more activity in this area as pledge(2) becomes an ever more visible part of the OpenBSD programming environment.
By Anonymous Coward (2601:186:4102:4919:886a:1238:6ba4:ba6d) on
I like the name change, as I think 'pledge' conveys a better sense of why the program is telling the OS what behaviour to expect of it.