unveil: initial commit
4 files changed, 36 insertions(+), 22 deletions(-)
changed files
M go.mod → go.mod
@@ -8,6 +8,7 @@ github.com/bluekeyes/go-gitdiff v0.7.0 github.com/dustin/go-humanize v1.0.0 github.com/go-git/go-git/v5 v5.5.1 github.com/sosedoff/gitkit v0.3.0 + golang.org/x/sys v0.3.0 gopkg.in/yaml.v3 v3.0.0 )@@ -30,7 +31,6 @@ github.com/xanzy/ssh-agent v0.3.3 // indirect golang.org/x/crypto v0.4.0 // indirect golang.org/x/mod v0.7.0 // indirect golang.org/x/net v0.4.0 // indirect - golang.org/x/sys v0.3.0 // indirect golang.org/x/tools v0.4.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect )
M main.go → main.go
@@ -20,9 +20,9 @@ if err != nil { log.Fatal(err) } - // for path := range []string{c.Dirs.Static, c.Repo.ScanPath, c.Dirs.Templates} { - // Unveil(path, "r") - // } + if err = UnveilPaths([]string{c.Dirs.Static, c.Repo.ScanPath, c.Dirs.Templates}, "r"); err != nil { + log.Fatal(err) + } mux := routes.Handlers(c) addr := fmt.Sprintf("%s:%d", c.Server.Host, c.Server.Port)
M unveil.go → unveil.go
@@ -1,30 +1,26 @@ //go:build openbsd // +build openbsd -// Doesn't do anything yet. - package main - -/* -#include <stdlib.h> -#include <unistd.h> -*/ -import "C" import ( - "fmt" - "unsafe" + "golang.org/x/sys/unix" ) func Unveil(path string, perms string) error { - cpath := C.CString(path) - defer C.free(unsafe.Pointer(cpath)) - cperms := C.CString(perms) - defer C.free(unsafe.Pointer(cperms)) + return unix.Unveil(path, perms) +} - rv, err := C.unveil(cpath, cperms) - if rv != 0 { - return fmt.Errorf("unveil(%s, %s) failure (%d)", path, perms, err) +func UnveilBlock() error { + return unix.UnveilBlock() +} + +func UnveilPaths(paths []string, perms string) error { + for _, path := range paths { + err := Unveil(path, perms) + if err != nil { + return err + } } - return nil + return UnveilBlock() }
A unveil_stub.go
@@ -0,0 +1,18 @@ +//go:build !openbsd +// +build !openbsd + +// Stub functions for GOOS that don't support unix.Unveil() + +package main + +func Unveil(path string, perms string) error { + return nil +} + +func UnveilBlock() error { + return nil +} + +func UnveilPaths(paths []string, perms string) error { + return nil +}