Subject: systrace problems
To: None <>
From: Jeff <>
List: current-users
Date: 12/22/2005 13:03:17

I recently upgraded a number of systems from ~3.99.5 to 3.99.14, one
of the side effects was that my systrace policies no longer worked.

I am getting errors such as:

systrace: deny user: ntpd, prog: /usr/sbin/ntpd, pid: 442(0)[791], 
policy: /usr/sbin/ntpd, filters: 98, syscall: netbsd-fswrite(5), 
filename: /<non-existent filename>: /var/db/ntp.drift.TEMP

my policy permits fswrite of the aforementioned file, however to be
certain I tried:

> systrace -A touch bah
touch: bah: Permission denied

ktrace shows
  9742 touch    CALL  __stat30(0xbfbfe976,0xbfbfe7a4)
  9742 touch    NAMI  "bah"
  9742 touch    RET   __stat30 -1 errno 2 No such file or directory
  9742 touch    CALL  open(0xbfbfe976,0x201,0x1b6)
  9742 touch    NAMI  "/<non-existent filename>: bah"
this seems clearly wrong 

Unfortunately I cannot point to the exact change(s) that caused this,
but I am willing to provide any information/run tests as needed.

This is also filed as PR bin/32360