It's still running with prot_exec due to ecurity/cyrus-sasl2, but that's
subject to change in an updated diff once I've fiddled with multiple
accounts and different `AuthMeths' configurations.
The diff is relatively straight forward, but I'm happy to hear feedback
from you. Make sure to include the relevant trace lines if mbsync gets
killed:
$ ktrace -di -- mbsync -a
$ kdump
Adding myself as MAINTAINER and dropping `-g' from CFLAGS since it's
already handled through DEBUG.
Feedback? OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/isync/Makefile,v
retrieving revision 1.33
diff -u -p -r1.33 Makefile
--- Makefile 17 Nov 2017 00:22:39 -0000 1.33
+++ Makefile 5 May 2018 20:45:15 -0000
@@ -3,14 +3,19 @@
COMMENT= synchronize IMAP4 and maildir mailboxes
DISTNAME= isync-1.3.0
+REVISION= 0
+
CATEGORIES= mail
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=isync/}
HOMEPAGE= http://isync.sourceforge.net/
+MAINTAINER= Klemens Nanni <[email protected]>
+
# GPLv2
PERMIT_PACKAGE_CDROM= Yes
+# uses pledge()
WANTLIB= c crypto db sasl2 ssl z
COMPILER= base-clang ports-clang ports-gcc
@@ -20,7 +25,7 @@ LIB_DEPENDS= databases/db/v4 \
SEPARATE_BUILD= Yes
CONFIGURE_STYLE= gnu
-CONFIGURE_ENV+= CFLAGS="${CFLAGS} -I${LOCALBASE}/include/db4
-g" \
+CONFIGURE_ENV+= CFLAGS="${CFLAGS} -I${LOCALBASE}/include/db4" \
CPPFLAGS="-I${LOCALBASE}/include" \
LDFLAGS="-L${LOCALBASE}/lib"
Index: patches/patch-src_drv_imap_c
===================================================================
RCS file: patches/patch-src_drv_imap_c
diff -N patches/patch-src_drv_imap_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_drv_imap_c 5 May 2018 20:45:15 -0000
@@ -0,0 +1,23 @@
+$OpenBSD$
+
+Index: src/drv_imap.c
+--- src/drv_imap.c.orig
++++ src/drv_imap.c
+@@ -41,6 +41,8 @@
+ # include <sasl/saslutil.h>
+ #endif
+
++extern int needs_proc_exec;
++
+ #ifdef HAVE_LIBSSL
+ enum { SSL_None, SSL_STARTTLS, SSL_IMAPS };
+ #endif
+@@ -3267,6 +3269,8 @@ imap_parse_store( conffile_t *cfg, store_conf_t **stor
+ }
+ acc_opt = 1;
+ }
++ if (server->sconf.tunnel || server->pass_cmd)
++ needs_proc_exec = 1;
+ if (store)
+ type = "IMAP store", name = store->gen.name;
+ else
Index: patches/patch-src_main_c
===================================================================
RCS file: patches/patch-src_main_c
diff -N patches/patch-src_main_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_main_c 5 May 2018 20:45:15 -0000
@@ -0,0 +1,70 @@
+$OpenBSD$
+
+Index: src/main.c
+--- src/main.c.orig
++++ src/main.c
+@@ -120,6 +120,26 @@ PACKAGE " " VERSION " - mailbox synchronizer\n"
+ exit( code );
+ }
+
++int needs_proc_exec = 0;
++char main_promises[] = "stdio rpath wpath cpath inet flock dns getpw proc
exec"
++#ifdef HAVE_LIBSASL
++ " prot_exec"
++#endif
++ ;
++
++void
++drop_promise(char *promises, char *word)
++{
++ char *w, *p;
++
++ /* find first char after word */
++ if (!(w = strstr(promises, word)))
++ return;
++ p = w + strlen(word);
++ /* clobber word with trailing string */
++ memmove(w, p, strlen(p) + 1);
++}
++
+ static void ATTR_PRINTFLIKE(1, 2)
+ debug( const char *msg, ... )
+ {
+@@ -410,6 +430,9 @@ main( int argc, char **argv )
+ char *config = 0, *opt, *ochar;
+ int oind, cops = 0, op, ops[2] = { 0, 0 }, pseudo = 0;
+
++ if (pledge(main_promises, NULL) == -1)
++ sys_error("pledge\n");
++
+ tzset();
+ gethostname( Hostname, sizeof(Hostname) );
+ if ((ochar = strchr( Hostname, '.' )))
+@@ -700,6 +723,13 @@ main( int argc, char **argv )
+ }
+ }
+
++ if (mvars->list) {
++ drop_promise(main_promises, "wpath");
++ drop_promise(main_promises, "cpath");
++ if (pledge(main_promises, NULL) == -1)
++ sys_error("pledge\n");
++ }
++
+ if (!(DFlags & (QUIET | DEBUG_ALL)) && isatty( 1 ))
+ DFlags |= PROGRESS;
+
+@@ -716,6 +746,13 @@ main( int argc, char **argv )
+
+ if (load_config( config, pseudo ))
+ return 1;
++
++ if (!needs_proc_exec) {
++ drop_promise(main_promises, "proc");
++ drop_promise(main_promises, "exec");
++ if (pledge(main_promises, NULL) == -1)
++ sys_error("pledge\n");
++ }
+
+ if (!channels) {
+ fputs( "No channels defined. Try 'man " EXE "'\n", stderr );
