Stuart Henderson <[email protected]> wrote: > try this? > > Index: vmm.c > =================================================================== > RCS file: /cvs/src/usr.sbin/vmd/vmm.c,v > diff -u -p -r1.135 vmm.c > --- vmm.c 14 Jan 2026 03:09:05 -0000 1.135 > +++ vmm.c 13 Mar 2026 17:28:39 -0000 > @@ -72,6 +72,8 @@ vmm_run(struct privsep *ps, struct privs > */ > if (unveil(env->argv0, "x") == -1) > fatal("unveil %s", env->argv0); > + if (unveil("/dev/null", "rw") == -1) > + fatal("unveil /dev/null", env->argv0); > if (unveil(NULL, NULL) == -1) > fatal("unveil lock");
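Review bot: the added `fatal("unveil /dev/null", env->argv0);` passes `env->argv0` although the format string contains no conversion for it (the existing line two above uses `fatal("unveil %s", env->argv0);`); either drop the trailing argument or write `fatal("unveil %s", "/dev/null");` so the message and its arguments match. Separately, the unveil on its own does not address the abort reported in the thread: the quoted ktrace shows the O_RDWR open being refused by pledge (`PLDG open, "rpath"`), so the process's pledge promises also need "rpath wpath" for the open of /dev/null to succeed.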
The message:

> 18913 vmd CALL open(0x8b9fe1e9c73,0x2<O_RDWR>)
> 18913 vmd PLDG open, "rpath", errno 1 Operation not permitted
> 18913 vmd PSIG SIGABRT SIG_DFL

says that pledge isn't allowing an open with "rpath". To open "/dev/null" with "rw", the pledge must also be "rpath wpath". So that unveil is needed, but the pledge is also wrong.

In the past, you could be "stdio" and open 11 files plus any file in 2 directories. You can't do that anymore. For all files, you now must have pledge modes allowing the open, and either no unveil, or unveils that allow that path.
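As an added illustration, not part of this thread or of vmd's code, the following C program models the two checks the reply describes: the pledge(2) promises an open needs for its access mode, and the unveil(2) permissions on the path, with pledge consulted first as in the quoted ktrace. The "stdio"-only promise string for the failing case, the placeholder path "/path/to/vmd" standing in for env->argv0, and the simplified path-matching rules are assumptions made for the example. The `#ifdef __OpenBSD__` section at the end runs the real unveil/pledge/open sequence and is compiled out elsewhere.

```c
/*
 * Added example (not from the thread): a small model of the two layers
 * that decide whether open(2) succeeds under pledge(2) and unveil(2).
 * The promise strings, paths and matching rules below are constructed
 * for illustration; the real kernel logic is more involved.
 */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#ifdef __OpenBSD__
#include <err.h>
#endif

#define MAX_UNVEILS 8

struct unveil_rule {
	const char *path;	/* path passed to unveil(2) */
	const char *perms;	/* permission string such as "rw", "x" */
};

struct sandbox {
	const char *promises;	/* pledge(2) promise string */
	struct unveil_rule rules[MAX_UNVEILS];
	int nrules;		/* 0: no unveil calls, whole filesystem visible */
};

/* Whole-word match of one promise inside a space-separated promise list. */
static int has_promise(const char *promises, const char *p)
{
	size_t n = strlen(p);
	const char *s = promises;

	while ((s = strstr(s, p)) != NULL) {
		if ((s == promises || s[-1] == ' ') &&
		    (s[n] == '\0' || s[n] == ' '))
			return 1;
		s += n;
	}
	return 0;
}

/* An unveil rule covers a target if it names it or an ancestor directory. */
static int rule_covers(const char *rule, const char *target)
{
	size_t n = strlen(rule);

	if (strcmp(rule, target) == 0)
		return 1;
	if (strcmp(rule, "/") == 0)
		return target[0] == '/';
	return strncmp(rule, target, n) == 0 && target[n] == '/';
}

/* Returns "ok" or the layer and permission that refuses the open. */
const char *check_open(const struct sandbox *sb, const char *path, int flags)
{
	int acc = flags & O_ACCMODE;
	int need_r = (acc == O_RDONLY || acc == O_RDWR);
	int need_w = (acc == O_WRONLY || acc == O_RDWR);
	int need_c = (flags & O_CREAT) != 0;
	const struct unveil_rule *best = NULL;

	/* Layer 1: pledge. Checked first, matching the ktrace in the thread
	 * where an O_RDWR open died on 'PLDG open, "rpath"'. */
	if (need_r && !has_promise(sb->promises, "rpath"))
		return "pledge: rpath";
	if (need_w && !has_promise(sb->promises, "wpath"))
		return "pledge: wpath";
	if (need_c && !has_promise(sb->promises, "cpath"))
		return "pledge: cpath";

	/* Layer 2: unveil. Most specific covering rule wins; an uncovered
	 * path is invisible (ENOENT), a covered one needs matching perms. */
	if (sb->nrules == 0)
		return "ok";
	for (int i = 0; i < sb->nrules; i++)
		if (rule_covers(sb->rules[i].path, path) &&
		    (best == NULL || strlen(sb->rules[i].path) > strlen(best->path)))
			best = &sb->rules[i];
	if (best == NULL)
		return "unveil: ENOENT";
	if (need_r && strchr(best->perms, 'r') == NULL)
		return "unveil: r";
	if (need_w && strchr(best->perms, 'w') == NULL)
		return "unveil: w";
	if (need_c && strchr(best->perms, 'c') == NULL)
		return "unveil: c";
	return "ok";
}

/* Constructed scenario: the posted unveil added, but promises still lack
 * rpath/wpath. "/path/to/vmd" is a placeholder for env->argv0. */
const char *scenario_as_posted(void)
{
	struct sandbox sb = { "stdio",
	    {{ "/path/to/vmd", "x" }, { "/dev/null", "rw" }}, 2 };
	return check_open(&sb, "/dev/null", O_RDWR);	/* "pledge: rpath" */
}

/* Constructed scenario: promises widened as the reply requires. */
const char *scenario_fixed(void)
{
	struct sandbox sb = { "stdio rpath wpath",
	    {{ "/path/to/vmd", "x" }, { "/dev/null", "rw" }}, 2 };
	return check_open(&sb, "/dev/null", O_RDWR);	/* "ok" */
}

/* Constructed scenario: promises fine, but the unveil grants only "r". */
const char *scenario_unveil_read_only(void)
{
	struct sandbox sb = { "stdio rpath wpath",
	    {{ "/path/to/vmd", "x" }, { "/dev/null", "r" }}, 2 };
	return check_open(&sb, "/dev/null", O_RDWR);	/* "unveil: w" */
}

int main(void)
{
	printf("as posted      : %s\n", scenario_as_posted());
	printf("fixed          : %s\n", scenario_fixed());
	printf("unveil r only  : %s\n", scenario_unveil_read_only());
#ifdef __OpenBSD__
	/* The real sequence: unveil, lock further unveils, pledge, open.
	 * Calling unveil before pledge avoids needing the "unveil" promise. */
	if (unveil("/dev/null", "rw") == -1 || unveil(NULL, NULL) == -1)
		err(1, "unveil");
	if (pledge("stdio rpath wpath", NULL) == -1)
		err(1, "pledge");
	int fd = open("/dev/null", O_RDWR);
	if (fd == -1)
		err(1, "open /dev/null");
	close(fd);
#endif
	return 0;
}
```

The model deliberately refuses on pledge before looking at unveil rules, so a configuration that adds the unveil without the matching promises reports the same "rpath" denial the ktrace shows; the third scenario shows the opposite failure, where promises are sufficient but the unveil permission string is too narrow for O_RDWR.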
