From a01ce7b96892849d91911a2ef143a08b8e4e57c5 Mon Sep 17 00:00:00 2001
From: Andinus <andinus@nand.sh>
Date: Fri, 24 Apr 2020 19:46:49 +0530
Subject: Upgrade to lynx v0.4.0

---
 cmd/cetus/main.go | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 cmd/cetus/main.go

(limited to 'cmd/cetus/main.go')

diff --git a/cmd/cetus/main.go b/cmd/cetus/main.go
new file mode 100644
index 0000000..b8098be
--- /dev/null
+++ b/cmd/cetus/main.go
@@ -0,0 +1,47 @@
+package main
+
+import (
+	"log"
+
+	"tildegit.org/andinus/cetus/cache"
+	"tildegit.org/andinus/lynx"
+)
+
+func main() {
+	unveil()
+	app()
+}
+
+func unveil() {
+	paths := make(map[string]string)
+
+	paths[cache.Dir()] = "rwc"
+	paths["/dev/null"] = "rw" // required by feh
+	paths["/etc/resolv.conf"] = "r"
+
+	// ktrace output
+	paths["/usr/libexec/ld.so"] = "r"
+	paths["/var/run/ld.so.hints"] = "r"
+	paths["/usr/lib"] = "r"
+	paths["/dev/urandom"] = "r"
+	paths["/etc/hosts"] = "r"
+	paths["/etc/ssl"] = "r"
+
+	err := lynx.UnveilPaths(paths)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	commands := []string{"feh", "gsettings", "pcmanfm", "notify-send"}
+
+	err = lynx.UnveilCommands(commands)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	// Block further unveil calls
+	err = lynx.UnveilBlock()
+	if err != nil {
+		log.Fatal(err)
+	}
+}
-- 
cgit 1.4.1-2-gfad0