commit 1962764c6292e845cec17393e1c46c1473ca1eeb
from: Omar Polo <op@omarpolo.com>
date: Fri Jun 09 10:40:08 2023 UTC

fix sandbox_server_process

it does the unveil(2)ing based on the first config, which breaks
config-reloading.

commit - cd1ede6dd3defbf2c9dedc0e1e5d733dcfde2d87
commit + 1962764c6292e845cec17393e1c46c1473ca1eeb
blob - 0d4773f25af0d04685e44743f744ab4a71b15d07
blob + 6d68b0f734994ca77ccdb0f8433265a1780cfdba
--- sandbox.c
+++ sandbox.c
@@ -31,21 +31,6 @@ sandbox_main_process(void)
 void
 sandbox_server_process(void)
 {
-	struct vhost	*h;
-	struct location	*l;
-
-	TAILQ_FOREACH(h, &hosts, vhosts) {
-		TAILQ_FOREACH(l, &h->locations, locations) {
-			if (*l->dir == '\0')
-				continue;
-
-			if (unveil(l->dir, "rw") == -1)
-				fatal("unveil %s for domain %s",
-				    l->dir,
-				    h->domain);
-		}
-	}
-
 	if (pledge("stdio recvfd rpath unix inet dns", NULL) == -1)
 		fatal("pledge");
 }