summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorAndinus <andinus@nand.sh>2020-04-25 17:26:10 +0530
committerAndinus <andinus@nand.sh>2020-04-25 17:26:10 +0530
commit5fb5e4f21f6408d7ff13e4ccb9ca5c636ef615a8 (patch)
tree172582ee214b9348523ebfb97a71f3bf47446cb0
parente9e268d945f539bd229e46648e8e8fb83955ab83 (diff)
downloadpavo-5fb5e4f21f6408d7ff13e4ccb9ca5c636ef615a8.tar.gz
Add unveil functions
Diffstat
-rw-r--r--go.mod2


-rw-r--r--go.sum4


-rw-r--r--unveil.go40


3 files changed, 46 insertions, 0 deletions
diff --git a/go.mod b/go.mod
index b90cbcc..1c77105 100644
--- a/go.mod
+++ b/go.mod
@@ -1,3 +1,5 @@
 module tildegit.org/andinus/pavo
 
 go 1.13
+
+require tildegit.org/andinus/lynx v0.4.0
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..257eabe
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,4 @@
+golang.org/x/sys v0.0.0-20200331124033-c3d80250170d h1:nc5K6ox/4lTFbMVSL9WRR81ixkcwXThoiF6yf+R9scA=
+golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+tildegit.org/andinus/lynx v0.4.0 h1:bAxZLOdWy66+qJ3bDWjkbmJfCWTIOZ8hMGzYt7T7Bxk=
+tildegit.org/andinus/lynx v0.4.0/go.mod h1:/PCNkKwfJ7pb6ziHa76a4gYp1R9S1Ro4ANjQwzSpBIk=
diff --git a/unveil.go b/unveil.go
new file mode 100644
index 0000000..99a9a82
--- /dev/null
+++ b/unveil.go
@@ -0,0 +1,40 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"tildegit.org/andinus/lynx"
+)
+
+// blockUnveil func blocks further unveil calls.
+func blockUnveil() {
+	err := lynx.UnveilBlock()
+	if err != nil {
+		fmt.Printf("%s :: %s",
+			"UnveilBlock() failed",
+			err.Error())
+		os.Exit(1)
+	}
+
+	// We drop unveil from promises after blocking it. We drop
+	// rpath too because the config file has been read.
+	err = lynx.PledgePromises("stdio exec")
+	if err != nil {
+		fmt.Printf("%s :: %s",
+			"blockUnveil failed",
+			err.Error())
+		os.Exit(1)
+	}
+}
+
+// initUnveil initializes unveil for inital use.
+func initUnveil() {
+	err := lynx.Unveil(configFile, "rc")
+	if err != nil {
+		fmt.Printf("%s :: %s",
+			"Unveil configFile failed",
+			err.Error())
+		os.Exit(1)
+	}
+}

 

generated by cgit-pink 1.4.1-2-gfad0 (git 2.36.2.497.gbbea4dcf42) at 2024-05-02 14:23:15 +0000