Hi I think you should call unveil before pledge, so that you don't need to pledge unveil. This will prevent futher calls to unveil.
On 18/07/18 12:59 +0100, Ricardo Mestre wrote: > Hi, > > Are there any brave souls out there with unveil(2) enabled already? > > If yes please test this diff for spamlogd(8) which seems to only need rw > access to the file PATH_SPAMD_DB and nothing else. > > Not asking for OKs yet, but if the code pattern is correct can I start looking > at other programs? > > Sorry for my earlier email, my clock was WAY off. > > Index: spamlogd.c > =================================================================== > RCS file: /cvs/src/libexec/spamlogd/spamlogd.c,v > retrieving revision 1.27 > diff -u -p -u -r1.27 spamlogd.c > --- spamlogd.c 16 Mar 2016 14:47:04 -0000 1.27 > +++ spamlogd.c 18 Jul 2018 11:46:59 -0000 > @@ -376,12 +376,15 @@ main(int argc, char **argv) > } > > if (syncsend) { > - if (pledge("stdio rpath wpath inet flock", NULL) == -1) > + if (pledge("stdio rpath wpath inet flock unveil", NULL) == -1) > err(1, "pledge"); > } else { > - if (pledge("stdio rpath wpath flock", NULL) == -1) > + if (pledge("stdio rpath wpath flock unveil", NULL) == -1) > err(1, "pledge"); > } > + > + if (unveil(PATH_SPAMD_DB, "rw") == -1) > + err(1, "unveil"); > > pcap_loop(hpcap, -1, phandler, NULL); > >