we need to delete the events associated with the backends, otherwise the server process won't ever quit. Here, we add a pending counter to every backend and shut down immediately if they aren't handling any client; otherwise we try to close them as soon as possible (i.e. when they close the connection to the last connected client.)

our stderr could have been sent to the logger process, so it may be invalid. Furthermore, in the future we may want to capture also the stderr of the processes.

otherwise path, port and/or prog could become an invalid pointer.

before we matched ppc64le as ppc64 (which is big ending I presume), so the seccomp filter would always kill gmid #4 related

`printf | openssl` is ugly :/

Calling `configure' with --disable-sandbox will disable the sandbox support *completely* at compile time. gmid will still complain at compile time and during the startup. Users shouldn't disable the sandbox if possible, but instead report problem upstream so they get fixed (hopefully.) #4 related

* SECCOMP_AUDIT_ARCH extended to support more architectures * relax fcntl policy: allow the syscall regardless of the flags * wrap every syscall in a ifdef, and add some (statx, fcntl64, ...) used in x86 Some bits were taken from dhcpcd[0], thanks! #4 related [0]: https://roy.marples.name/git/dhcpcd/blob/HEAD:/src/privsep-linux.c

While one can define a macro using a reserved word as name using -Dname=val, inside the configuration file it'll fail.

Now that we have this auto concat string thingy, macros can simply expand to standalone strings in place, as single words. Forgot to point it out in previous commits, but now we can cert = "/etc/keys" server "foo" { cert $cert "/foo.crt" ... }