timestamp: add macOS (Darwin) support#136
Open
asaflavi-baysecurity wants to merge 1 commit into
The timestamp-based persist mechanism was Linux-only due to dependencies on /proc, CLOCK_BOOTTIME, sys/vfs.h, and the assumption that new files inherit the creator's gid. This patch adds macOS support:

- proc_info: use sysctl(KERN_PROC) to obtain tty number and process start time instead of parsing /proc/$pid/stat
- CLOCK_BOOTTIME: map to CLOCK_MONOTONIC_RAW, which is not user-settable and ticks during sleep on Apple Silicon
- sys/vfs.h: use sys/mount.h on Darwin
- st_atim/st_mtim: map to st_atimespec/st_mtimespec
- timespec macros: define directly on macOS since the bundled sys-time.h fallback header collides with the system header include guard
- TIMESTAMP_DIR: default to /var/run/doas on macOS (/run does not exist on Darwin)
- fchown after file creation: BSD inherits gid from the parent directory, so the timestamp file gets the wrong gid without an explicit fchown(fd, 0, getgid())

Tested on macOS 26 (Darwin 25.2.0, arm64).
Summary
Adds macOS support to the timestamp-based persist mechanism, which was previously Linux-only.
The --with-timestamp configure flag now works on macOS (Darwin), enabling permit persist in doas.conf.

Changes

- sysctl(KERN_PROC) to obtain tty number and process start time instead of parsing /proc/$pid/stat
- CLOCK_MONOTONIC_RAW on macOS — not user-settable, ticks during sleep on Apple Silicon
- The sys-time.h fallback uses _SYS_TIME_H_ as its include guard, which collides with the system <sys/time.h> guard, causing the fallback to be silently skipped
- /var/run/doas on macOS (/run does not exist on Darwin)
- Without an explicit fchown(fd, 0, getgid()), the timestamp file gets the wrong gid and timestamp_check rejects it with "timestamp uid, gid or mode wrong"

Testing
- ./configure --prefix=/opt/local --sysconfdir=/opt/local/etc --with-timestamp succeeds
- permit persist <user> as root works: first invocation prompts for password, subsequent invocations within 5 minutes skip auth
- /var/run/doas/ created with correct ownership (root:, mode 0000)
- (/var/run is cleared on macOS boot)
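Added example, not code from this PR or the doas project: the two proc_info() lookups the commit message contrasts, sysctl(KERN_PROC) on Darwin and /proc/$pid/stat on Linux, behind one portable signature. The names parse_stat_line and proc_info, the microsecond encoding of p_starttime, and the sample stat line are my assumptions, not the project's.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
#ifdef __APPLE__
#include <sys/sysctl.h>	/* kinfo_proc, CTL_KERN, KERN_PROC */
#endif
/* Parse /proc/$pid/stat after the last ')': comm (field 2) may contain spaces
 * and parentheses, so fields are located from the right. Fields 3..22: state ppid
 * pgrp session tty_nr tpgid flags minflt cminflt majflt cmajflt utime stime
 * cutime cstime priority nice num_threads itrealvalue starttime */
int parse_stat_line(const char *buf, int *ttynr, unsigned long long *starttime)
{
	const char *p = strrchr(buf, ')');
	if (p == NULL) return -1;
	if (sscanf(p + 1, " %*c %*d %*d %*d %d %*d %*u %*u %*u %*u %*u %*u %*u"
	    " %*d %*d %*d %*d %*d %*d %llu", ttynr, starttime) != 2)
		return -1;
	return 0;
}
/* Darwin: sysctl(KERN_PROC) into a kinfo_proc; Linux: read /proc/$pid/stat.
 * Both pairs (tty, start time) are what timestamp_check compares. */
int proc_info(pid_t pid, int *ttynr, unsigned long long *starttime)
{
#ifdef __APPLE__
	struct kinfo_proc kp;
	size_t len = sizeof(kp);
	int mib[4] = { CTL_KERN, KERN_PROC, KERN_PROC_PID, pid };
	if (sysctl(mib, 4, &kp, &len, NULL, 0) == -1 || len == 0) return -1; /* no such pid */
	*ttynr = (int)kp.kp_eproc.e_tdev;	/* controlling tty (dev_t) */
	/* assumption: encode p_starttime as microseconds since the epoch */
	*starttime = (unsigned long long)kp.kp_proc.p_starttime.tv_sec * 1000000ULL + (unsigned long long)kp.kp_proc.p_starttime.tv_usec;
	return 0;
#else
	char path[64], buf[2048];
	int fd; ssize_t n;
	snprintf(path, sizeof path, "/proc/%d/stat", (int)pid);
	if ((fd = open(path, O_RDONLY)) == -1) return -1;
	n = read(fd, buf, sizeof buf - 1);
	close(fd);
	if (n <= 0) return -1;
	buf[n] = '\0';
	return parse_stat_line(buf, ttynr, starttime);
#endif
}
/* Constructed sample stat line (comm with spaces and parentheses), for checking the parser offline. */
static const char SAMPLE_STAT[] = "1234 (my (odd) cmd) S 1 1234 1234 34816 1234 4194304 100 0 0 0 5 3 0 0 20 0 1 0 98765 4096 200";
unsigned long long sample_starttime(void) { int t; unsigned long long s; return parse_stat_line(SAMPLE_STAT, &t, &s) == 0 ? s : 0; }
int sample_ttynr(void) { int t; unsigned long long s; return parse_stat_line(SAMPLE_STAT, &t, &s) == 0 ? t : -1; }
```

Calling proc_info(getpid(), ...) on a live system returns the same two values the persist check later compares against the timestamp file.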