#Name

unveil - unveil certain paths when running a command

#Synopsis

$ unveil [--path] [command...]

#Description

Run a command under certain path restrictions by using unveil(2).

#Options

• -u, --path: Unveil a path, with the format of permissions,path

#Examples

Run ls -la /sys/kernel with restricted access to certain paths:

$ unveil --path=r,/etc/timezone --path=r,/usr/lib --path=r,/sys/ --path=r,/etc/passwd --path=r,/etc/group ls -la /sys/kernel

Run ps -ef with restricted access to certain paths:

$ unveil --path=r,/etc/timezone --path=r,/usr/lib --path=r,/sys/ --path=r,/etc/passwd --path=r,/etc/group ps -ef

#See also

• pledge(2)
• unveil(2)
• Mitigations(7)