From 7d6f99c4c6ec7a4632c0d473b11015aa1701c582 Mon Sep 17 00:00:00 2001
From: Andinus <andinus@nand.sh>
Date: Sat, 25 Apr 2020 18:31:04 +0530
Subject: Fix logical error & unveil other necessary paths

---
 unveil.go | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/unveil.go b/unveil.go
index 99a9a82..b50c438 100644
--- a/unveil.go
+++ b/unveil.go
@@ -30,11 +30,26 @@ func blockUnveil() {
 
 // initUnveil initializes unveil for inital use.
 func initUnveil() {
-	err := lynx.Unveil(configFile, "rc")
+	err := lynx.Unveil(configFile(), "rc")
 	if err != nil {
 		fmt.Printf("%s :: %s",
 			"Unveil configFile failed",
 			err.Error())
 		os.Exit(1)
 	}
+
+	// os.Exec fails if "/dev/null" is not unveiled & for some
+	// reason it calls "/dev/urandom" inititally so we unveil it
+	// too because there should be no harm in doing so.
+	paths := make(map[string]string)
+	paths["/dev/null"] = "r"
+	paths["/dev/urandom"] = "r"
+
+	err = lynx.UnveilPaths(paths)
+	if err != nil {
+		fmt.Printf("%s :: %s",
+			"Unveil failed",
+			err.Error())
+		os.Exit(1)
+	}
 }
-- 
cgit 1.4.1-2-gfad0