Conditionally add OpenBSD's pledge(2) call -- but to which library?
Hi, I'd like to add the (OpenBSD only) pledge(2) call to some library in our (OpenBSD's) ghc port. See http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2?query=p... and http://www.openbsd.org/papers/hackfest2015-pledge/index.html for some information of what this is about (and Linux people, please don't feel too offended by that second one ;-)) I'd to this as a patch to ghc in our port, but I'd like to eventually submit a patch to include it (conditionally, only on OpenBSD for now) upstream. But I need some hints *where* to include it. At the moment, I'm considering the unix package (bundled with ghc), and therein, the module System.Posix.Unistd. Even if pledge(2) obviously isn't Posix, it's all about stripping down an API which in large parts conforms to Posix to some subset. Would this be acceptable? Or should I use something like System.OpenBSD.Unistd? In any case, client application using it would always either need some #ifdef or would get patches local to the OpenBSD ports tree. So, any thoughts about this? Please note: just writing a separate package for this wouldn't help much (for OpenBSD ports), because it would require changing cabal dependencies for every client application in addition to other source code patches. Ciao, Kili
its not a posix interface ... so it probably doesn't make sense to do.
as best as I understand things, it could be an openbsd only package on
hackage, because its really application specific which priveleges should be
forsworn, and that can only be articulated at the application toplevel
right?
On Wed, Nov 11, 2015 at 4:01 PM, Matthias Kilian
Hi,
I'd like to add the (OpenBSD only) pledge(2) call to some library in our (OpenBSD's) ghc port. See
http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2?query=p...
and
http://www.openbsd.org/papers/hackfest2015-pledge/index.html
for some information of what this is about (and Linux people, please don't feel too offended by that second one ;-))
I'd to this as a patch to ghc in our port, but I'd like to eventually submit a patch to include it (conditionally, only on OpenBSD for now) upstream. But I need some hints *where* to include it.
At the moment, I'm considering the unix package (bundled with ghc), and therein, the module System.Posix.Unistd. Even if pledge(2) obviously isn't Posix, it's all about stripping down an API which in large parts conforms to Posix to some subset.
Would this be acceptable? Or should I use something like System.OpenBSD.Unistd? In any case, client application using it would always either need some #ifdef or would get patches local to the OpenBSD ports tree.
So, any thoughts about this?
Please note: just writing a separate package for this wouldn't help much (for OpenBSD ports), because it would require changing cabal dependencies for every client application in addition to other source code patches.
Ciao, Kili _______________________________________________ Libraries mailing list Libraries@haskell.org http://mail.haskell.org/cgi-bin/mailman/listinfo/libraries
2015-11-11 22:01 GMT+01:00 Matthias Kilian
[...] In any case, client application using it would always either need some #ifdef or would get patches local to the OpenBSD ports tree.
So, any thoughts about this?
Please note: just writing a separate package for this wouldn't help much (for OpenBSD ports), because it would require changing cabal dependencies for every client application in addition to other source code patches.
This is highly specific to OpenBSD, and (as you mentioned) clients need to be changed, anyway. Therefore cabal dependencies can be changed, too. I don't see why the former should be acceptable while the latter shouldn't. So a separate package seems to be the way to go IMHO.
On Wed, Nov 11, 2015 at 1:01 PM, Matthias Kilian
Please note: just writing a separate package for this wouldn't help much (for OpenBSD ports), because it would require changing cabal dependencies for every client application in addition to other source code patches.
Changing cabal dependencies is the right thing to do in this case. Any code that will use this function will already need specialized OpenBSD knowledge, so the likelihood of it actually being used is extremely small – whereas the cost of having a rat's nest of #ifdef usage in clients of core libraries is already well known to be high.
Hi, On Thu, Nov 12, 2015 at 08:09:36AM -0800, Bryan O'Sullivan wrote:
Please note: just writing a separate package for this wouldn't help much (for OpenBSD ports), because it would require changing cabal dependencies for every client application in addition to other source code patches.
Changing cabal dependencies is the right thing to do in this case. Any code that will use this function will already need specialized OpenBSD knowledge, so the likelihood of it actually being used is extremely small – whereas the cost of having a rat's nest of #ifdef usage in clients of core libraries is already well known to be high.
Ok, thank you (and Sven and Carter) for your input. So, on the long term, I'll prepare a separate package when I'm confident that it's actually *useful* for Haskell programs. For now, I'll just keep everything local to the OpenBSD ports tree to experiment a little bit with it. Ciao, Kili
participants (4)
-
Bryan O'Sullivan -
Carter Schonwald -
Matthias Kilian -
Sven Panne