periodically save policies that have been modified. from provos

>here is a diff that will cause systrace to periodically save policies >that have been modified. Useful if you run systrace on an xterm and >kill it accidently. Or other applications like opera that are long >running and can cause weird crashes.
2002-09-16 04:31:46 +00:00 · 2002-09-16 04:31:46 +00:00 · c1261b4aff
parent a94d82e6f9
commit c1261b4aff
2 changed files with 30 additions and 5 deletions
--- a/bin/systrace/policy.c
+++ b/bin/systrace/policy.c
@ -1,4 +1,4 @@
-/*	$NetBSD: policy.c,v 1.4 2002/08/30 17:09:31 itojun Exp $	*/
+/*	$NetBSD: policy.c,v 1.5 2002/09/16 04:31:46 itojun Exp $	*/
 /*	$OpenBSD: policy.c,v 1.15 2002/08/07 00:34:17 vincent Exp $	*/
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@ -30,7 +30,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: policy.c,v 1.4 2002/08/30 17:09:31 itojun Exp $");
+__RCSID("$NetBSD: policy.c,v 1.5 2002/09/16 04:31:46 itojun Exp $");

 #include <sys/types.h>
 #include <sys/param.h>
@ -570,6 +570,8 @@ systrace_dumppolicy(void)
 		if (systrace_writepolicy(policy) == -1)
 			fprintf(stderr, "Failed to write policy for %s\n",
 			    policy->name);
+		else
+			policy->flags &= ~POLICY_CHANGED;
 	}

 	return (0);
--- a/bin/systrace/systrace.c
+++ b/bin/systrace/systrace.c
@ -1,4 +1,4 @@
-/*	$NetBSD: systrace.c,v 1.5 2002/08/28 03:52:47 itojun Exp $	*/
+/*	$NetBSD: systrace.c,v 1.6 2002/09/16 04:31:47 itojun Exp $	*/
 /*	$OpenBSD: systrace.c,v 1.32 2002/08/05 23:27:53 provos Exp $	*/
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@ -420,8 +420,9 @@ main(int argc, char **argv)
 	char *filename = NULL;
 	char *policypath = NULL;
 	char *guipath = _PATH_XSYSTRACE;
+	struct timeval tv, tv_wait = {60, 0};
 	pid_t pidattach = 0;
-	int usex11 = 1;
+	int usex11 = 1, count;
 	int background;

 	while ((c = getopt(argc, argv, "aAituUd:g:f:p:")) != -1) {
@ -524,9 +525,31 @@ main(int argc, char **argv)
 	if (usex11 && !automatic && !allow)
 		requestor_start(guipath);

-	while (intercept_read(trfd) != -1)
+	/* Loop on requests */
+	count = 0;
+	while (intercept_read(trfd) != -1) {
 		if (!intercept_existpids())
 			break;
+		if (userpolicy) {
+			/* Periodically save modified policies */
+			if (count == 0) {
+				/* Set new wait time */
+				gettimeofday(&tv, NULL);
+				timeradd(&tv, &tv_wait, &tv);
+			} else if (count > 10) {
+				struct timeval now;
+				gettimeofday(&now, NULL);
+
+				count = 0;
+				if (timercmp(&now, &tv, >)) {
+					/* Dump policy and cause new time */
+					systrace_dumppolicy();
+					continue;
+				}
+			}
+			count++;
+		}
+	}

 	if (userpolicy)
 		systrace_dumppolicy();