Discussion:
Disable Unveil
Jonathan Drews
2021-05-10 08:02:30 UTC
Permalink
Hello Folks:

I am using OpenBSD 6.9 GENERIC.MP#473 amd64

I need to disable unveil so I can load files into Firefox from
other directories. I also cannot load my *.ppd when using my
webbrowser in root. In the past, I have configured CUPS with the
URL http://localhost:631. I need to be able to upload my *.ppd as
my laser printer is not in the list of Xerox printers . I used
this method in OpenBSD 6.8 and it worked fine.

I read the man page for unveil but it only gives programming
instructions. How can I disable unveil?


Kind regards,
Jonathan
Omar Polo
2021-05-10 08:28:37 UTC
Permalink
Post by Jonathan Drews
I am using OpenBSD 6.9 GENERIC.MP#473 amd64
I need to disable unveil so I can load files into Firefox from
other directories. I also cannot load my *.ppd when using my
webbrowser in root. In the past, I have configured CUPS with the
URL http://localhost:631. I need to be able to upload my *.ppd as
my laser printer is not in the list of Xerox printers . I used
this method in OpenBSD 6.8 and it worked fine.
I read the man page for unveil but it only gives programming
instructions. How can I disable unveil?
Kind regards,
Jonathan
The manpage for unveil only describes how to use it from code, not how
other programs are using it. For firefox, see
/usr/local/share/doc/pkg-readmes/firefox.

Anyway, disabling unveil is a bad idea, especially for a program like a
web browser that reads and executes random code downloaded from the
network. Probably, adjusting /etc/firefox/unveil.main to add things
like ~/Document is enough for your use-case.

HTH


Omar Polo,
Jonathan Drews
2021-05-10 08:31:06 UTC
Permalink
Post by Jonathan Drews
I am using OpenBSD 6.9 GENERIC.MP#473 amd64
Hi Guys:

Disregard the first email. I ran firefox as an ordinary user with the
url http://localhost:631 and I was able to upload the *.ppd from
my ~/Downloads
Post by Jonathan Drews
I need to disable unveil so I can load files into Firefox from
other directories. I also cannot load my *.ppd when using my
webbrowser in root. In the past, I have configured CUPS with the
URL http://localhost:631. I need to be able to upload my *.ppd as
my laser printer is not in the list of Xerox printers . I used
this method in OpenBSD 6.8 and it worked fine.
I read the man page for unveil but it only gives programming
instructions. How can I disable unveil?
Kind regards,
Jonathan
m***@dotbit.ro
2021-05-13 06:09:27 UTC
Permalink
In this case I would copy the ppd file into ~/Downloads,
which is permitted by unveil by default inside /etc/firefox/unveil.main:
~/Downloads rwc

In th file selection dialog box it can be difficult to select a directory.
If you are having trouble doing so type '/' and then you can
enter the desired path, ex. ~/Downloads

After having loaded the ppd file I delete it, and cups seems to continue working,
I would have assumed that cups loads the file and stores the settings,
not the file path, but I could be wrong.
Post by Jonathan Drews
I am using OpenBSD 6.9 GENERIC.MP#473 amd64
I need to disable unveil so I can load files into Firefox from
other directories. I also cannot load my *.ppd when using my
webbrowser in root. In the past, I have configured CUPS with the
URL http://localhost:631. I need to be able to upload my *.ppd as
my laser printer is not in the list of Xerox printers . I used
this method in OpenBSD 6.8 and it worked fine.
I read the man page for unveil but it only gives programming
instructions. How can I disable unveil?
Kind regards,
Jonathan
Loading...