From 2eb6453669c9160a61bbe47e94ab65c96129499e Mon Sep 17 00:00:00 2001
From: mestre <mestre@openbsd.org>
Date: Tue, 22 Feb 2022 08:20:35 +0000
Subject: [PATCH] disable further calls to unveil(2)

pointed out by brynet@
---
 libexec/rpc.rusersd/rusersd.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/libexec/rpc.rusersd/rusersd.c b/libexec/rpc.rusersd/rusersd.c
index 9b4eff0a8a1..765119bcb84 100644
--- a/libexec/rpc.rusersd/rusersd.c
+++ b/libexec/rpc.rusersd/rusersd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rusersd.c,v 1.22 2022/02/21 19:49:46 mestre Exp $	*/
+/*	$OpenBSD: rusersd.c,v 1.23 2022/02/22 08:20:35 mestre Exp $	*/
 
 /*-
  *  Copyright (c) 1993 John Brezak
@@ -85,6 +85,10 @@ main(int argc, char *argv[])
 		syslog(LOG_ERR, "unveil /dev");
 		exit(1);
 	}
+	if (unveil(NULL, NULL) == -1) {
+		syslog(LOG_ERR, "unveil");
+		exit(1);
+	}
 
 	setgroups(1, &pw->pw_gid);
 	setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid);
-- 
2.20.1