Subject: CVS commit: basesrc/bin/systrace
To: None <source-changes@netbsd.org>
From: Andrew Brown <atatat@netbsd.org>
List: source-changes
Date: 07/04/2002 01:54:39
Module Name:	basesrc
Committed By:	atatat
Date:		Wed Jul  3 22:54:39 UTC 2002

Modified Files:
	basesrc/bin/systrace: intercept.c systrace.c

Log Message:
Mostly just a rewrite of intercept_run() so the arrangement of "child"
process and "parent" process is more conducive to policy generation.
Previously, tracing of a given program worked something like this:

	fork()
	if (child)
		execprogram()
	else
		dotracing()

That means that if you "systrace -a named", named would fork and
background itself, but you would never get your prompt back because
systrace didn't exit.  Now it works like this:

	fork()
	if (interactive)
		if (child)
			execprogram()
		else
			dotracing()
	else
		if (parent)
			execprogram()
		else
			fork()
			if (parent)
				exit(0)
			setsid()
			dotracing()

This makes it *much* easier to do automated policy generation for
tasks run from rc.d.  Or, for that matter, makes it much easier to use
systrace with tasks run from rc.d.


To generate a diff of this commit:
cvs rdiff -r1.2 -r1.3 basesrc/bin/systrace/intercept.c \
    basesrc/bin/systrace/systrace.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
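The non-interactive arrangement from the log message, as an added C illustration (not code from systrace or from this commit): the original process keeps its pid and is free to exec the program, while a double-forked grandchild calls setsid() and becomes the detached monitor. The helper name `spawn_detached_monitor`, the `monitor_info` struct and the pipe used to report back are assumptions made for the example; the tracing itself is left as a comment.

```c
/* Added illustration of the non-interactive arrangement; not systrace code. */
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

struct monitor_info {
	pid_t pid;	/* pid of the detached monitor (the grandchild) */
	pid_t sid;	/* its session id after setsid() */
	pid_t target;	/* pid it would trace (the original process) */
};

/*
 * Hypothetical helper: split off a detached monitor and report what it saw.
 * Returns 0 in the original process, which would then exec the program.
 */
int spawn_detached_monitor(struct monitor_info *out)
{
	int fds[2];
	pid_t target = getpid(), mid;
	struct monitor_info mi;
	ssize_t n;

	if (pipe(fds) == -1 || (mid = fork()) == -1)
		return -1;
	if (mid == 0) {				/* first child */
		close(fds[0]);
		if (fork() != 0)
			_exit(0);		/* intermediate parent exits (also on fork failure) */
		mi.sid = setsid();		/* grandchild: new session, no controlling tty */
		mi.pid = getpid();
		mi.target = target;
		/* a real monitor would attach to `target` and start tracing here */
		_exit(write(fds[1], &mi, sizeof(mi)) == (ssize_t)sizeof(mi) ? 0 : 1);
	}
	close(fds[1]);
	waitpid(mid, NULL, 0);			/* reap the intermediate process */
	n = read(fds[0], out, sizeof(*out));	/* EOF here means the monitor never started */
	close(fds[0]);
	return n == (ssize_t)sizeof(*out) ? 0 : -1;
}

int main(void)
{
	struct monitor_info mi;

	/* systrace would exec the traced program at this point instead of returning */
	return spawn_detached_monitor(&mi) == 0 ? 0 : 1;
}
```

Because the program is exec'ed in the original process, a caller such as an rc.d script sees the program's own pid and exit status, and the monitor no longer holds the caller's session or terminal.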