commit 2f40f7d278bccb8402479f25d13145bdc199bfb7
from: Stefan Sperling <stsp@stsp.name>
date: Thu Mar 28 11:07:41 2024 UTC

call unveil earlier in 'got import'

We now know that unveil(2) will never traverse exec.
No need to wait with unveil until the editor has been run.

ok op@

commit - cdaefb15ec98f4140621e87d6e7a2526ce29c495
commit + 2f40f7d278bccb8402479f25d13145bdc199bfb7
blob - eb068e10c4f52020498b05f1af70fa1d2f6d5ee8
blob + be364f33ae558187761d281438ee798b41d5c990
--- got/got.c
+++ got/got.c
@@ -831,9 +831,32 @@ cmd_import(int argc, char *argv[])
 	if (error != NULL)
 		goto done;
 	error = got_repo_open(&repo, repo_path, gitconfig_path, pack_fds);
+	if (error)
+		goto done;
+
+	path_dir = realpath(argv[0], NULL);
+	if (path_dir == NULL) {
+		error = got_error_from_errno2("realpath", argv[0]);
+		goto done;
+	}
+	got_path_strip_trailing_slashes(path_dir);
+
+	error = get_editor(&editor);
 	if (error)
 		goto done;
 
+	if (unveil(path_dir, "r") != 0) {
+		error = got_error_from_errno2("unveil", path_dir);
+		goto done;
+	}
+	if (unveil(editor, "x") != 0) {
+		error = got_error_from_errno2("unveil", editor);
+		goto done;
+	}
+	error = apply_unveil(got_repo_get_path(repo), 0, NULL);
+	if (error)
+		goto done;
+
 	error = get_author(&author, repo, NULL);
 	if (error)
 		return error;
@@ -872,21 +895,7 @@ cmd_import(int argc, char *argv[])
 		goto done;
 	}
 
-	path_dir = realpath(argv[0], NULL);
-	if (path_dir == NULL) {
-		error = got_error_from_errno2("realpath", argv[0]);
-		goto done;
-	}
-	got_path_strip_trailing_slashes(path_dir);
-
-	/*
-	 * unveil(2) traverses exec(2); if an editor is used we have
-	 * to apply unveil after the log message has been written.
-	 */
 	if (logmsg == NULL || *logmsg == '\0') {
-		error = get_editor(&editor);
-		if (error)
-			goto done;
 		free(logmsg);
 		error = collect_import_msg(&logmsg, &logmsg_path, editor,
 		    path_dir, refname);
@@ -898,20 +907,6 @@ cmd_import(int argc, char *argv[])
 		}
 	}
 
-	if (unveil(path_dir, "r") != 0) {
-		error = got_error_from_errno2("unveil", path_dir);
-		if (logmsg_path)
-			preserve_logmsg = 1;
-		goto done;
-	}
-
-	error = apply_unveil(got_repo_get_path(repo), 0, NULL);
-	if (error) {
-		if (logmsg_path)
-			preserve_logmsg = 1;
-		goto done;
-	}
-
 	error = got_repo_import(&new_commit_id, path_dir, logmsg,
 	    author, &ignores, repo, import_progress, NULL);
 	if (error) {