Subject: systrace problems
To: None <firstname.lastname@example.org>
From: Jeff <email@example.com>
Date: 12/22/2005 13:03:17
I recently upgraded a number of systems from ~3.99.5 to 3.99.14, one
of the side effects was that my systrace policies no longer worked.
I am getting errors such as:
systrace: deny user: ntpd, prog: /usr/sbin/ntpd, pid: 442(0),
policy: /usr/sbin/ntpd, filters: 98, syscall: netbsd-fswrite(5),
filename: /<non-existent filename>: /var/db/ntp.drift.TEMP
my policy permits fswrite of the aforementioned file, however to be
certain I tried:
> systrace -A touch bah
touch: bah: Permission denied
9742 touch CALL __stat30(0xbfbfe976,0xbfbfe7a4)
9742 touch NAMI "bah"
9742 touch RET __stat30 -1 errno 2 No such file or directory
9742 touch CALL open(0xbfbfe976,0x201,0x1b6)
9742 touch NAMI "/<non-existent filename>: bah"
this seems clearly wrong
Unfortunately I cannot point to the exact change(s) that caused this,
but I am willing to provide any information/run tests as needed.
This is also filed as PR bin/32360