> On Fri, Feb 07, 2020 at 03:27:33PM +0100, Michael wrote:
>> Hello ports@,
>> this patch adds pledge() to net/ngircd. Tested on amd64 with ngircd
>> running with TLS. Unfortunately the promises can't be further reduced
>> since this would break /rehash (i.e. reloading the config) later. But
>> this is better than nothing.
> solene@ pointed out that if the option "PidFile" is being used
> unlink()ing the file later fails. However I personally don't like
> another promise just for that. I can't see any sensible use case for
> ngircds PID file; the Option itself is not set by default.
> So my idea would be to either skip or remove the PidFile code, or just
> ignore the issue. The abort happens after shutting everything else down
> and starting ngircd again works even if the old PID file is still in
> place. Both variants mean changing or breaking functionality but that
> would be bearable given the low impact IMHO. Using unveil() might also
> be an option.
> Any thoughts on this?
Active ngircd user here. I personally use the PID file with my
for process supervision (monit in my case). Although I could use process
matching, getting the PID from the PIDFile seems more natural.
PS: I would appreciate a pledged ngircd very much.