f524cc245e63092372d78c3d80959b589aeebcc2 Add missing sigaction pledges and remove dns
diff --git a/clientloop.c b/clientloop.c
index da396c72..3ff4ea89 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1239,31 +1239,31 @@ client_loop(struct ssh *ssh, int have_pty, int escape_char_arg,
 	if (options.control_master &&
 	    !option_clear_or_none(options.control_path)) {
 		debug("pledge: id");
-		if (pledge("stdio rpath wpath cpath unix inet dns recvfd sendfd proc exec id tty",
+		if (pledge("stdio rpath wpath cpath unix inet recvfd sendfd proc exec id tty sigaction",
 		    NULL) == -1)
 			fatal("%s pledge(): %s", __func__, strerror(errno));
 
 	} else if (options.forward_x11 || options.permit_local_command) {
 		debug("pledge: exec");
-		if (pledge("stdio rpath wpath cpath unix inet dns proc exec tty",
+		if (pledge("stdio rpath wpath cpath unix inet proc exec tty sigaction",
 		    NULL) == -1)
 			fatal("%s pledge(): %s", __func__, strerror(errno));
 
 	} else if (options.update_hostkeys) {
 		debug("pledge: filesystem full");
-		if (pledge("stdio rpath wpath cpath unix inet dns proc tty",
+		if (pledge("stdio rpath wpath cpath unix inet proc tty sigaction",
 		    NULL) == -1)
 			fatal("%s pledge(): %s", __func__, strerror(errno));
 
 	} else if (!option_clear_or_none(options.proxy_command) ||
 	    fork_after_authentication_flag) {
 		debug("pledge: proc");
-		if (pledge("stdio cpath unix inet dns proc tty", NULL) == -1)
+		if (pledge("stdio cpath unix inet proc tty sigaction", NULL) == -1)
 			fatal("%s pledge(): %s", __func__, strerror(errno));
 
 	} else {
 		debug("pledge: network");
-		if (pledge("stdio unix inet dns proc tty", NULL) == -1)
+		if (pledge("stdio unix inet proc tty sigaction", NULL) == -1)
 			fatal("%s pledge(): %s", __func__, strerror(errno));
 	}
 
diff -Naur openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/ssh-keysign.c openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676.serenity/ssh-keysign.c
--- openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676/ssh-keysign.c	2020-05-27 02:38:00.000000000 +0200
+++ openssh-portable-9ca7e9c861775dd6c6312bc8aaab687403d24676.serenity/ssh-keysign.c	2021-05-18 00:09:01.831610440 +0200
@@ -173,7 +173,7 @@
 	char *host, *fp;
 	size_t slen, dlen;
 
-	if (pledge("stdio rpath getpw dns id", NULL) != 0)
+	if (pledge("stdio rpath id", NULL) != 0)
 		fatal("%s: pledge: %s", __progname, strerror(errno));
 
 	/* Ensure that stdin and stdout are connected */
@@ -237,7 +237,7 @@
 	if (!found)
 		fatal("no hostkey found");
 
-	if (pledge("stdio dns", NULL) != 0)
+	if (pledge("stdio", NULL) != 0)
 		fatal("%s: pledge: %s", __progname, strerror(errno));
 
 	if ((b = sshbuf_new()) == NULL)