From: pasta Subject: Re: chromium needs to unveil dns files To: "Sven M. Hallberg" , ports@openbsd.org Date: Sun, 22 Mar 2026 14:44:31 +0100 alright, thank you! On Sun, Mar 22, 2026 at 12:46:20PM +0000, Stuart Henderson wrote: > On 2026/03/22 12:59, pasta wrote: > > are you sure that is the case? the fix^Whack for me was to simply > > copy libc.so.103.0 to libc.so.102.2 since all ports seem to be still > > depending on that old libc version which does not have __pledge_open(2) > > and therefore cannot access /etc/resolv.conf, etc. under the dns > > pledge and a new kernel. > > ah, this will happen if your previous snapshot was from before 10 Mar > or so. > > currently mirror.yandex.ru and mirror.telepoint.bg still have snaps > from 13 Mar if you want to extract libc.so.102.2 from an intermediate > snapshot > > > i guess we'll just have to wait until new packages are built? > > yes, shouldn't be too long now. > > > On Sat, Mar 21, 2026 at 09:05:16PM +0100, Sven M. Hallberg wrote: > > > After upgrading my snapshot yesterday, chromium and ungoogled-chromium > > > stopped working, throwing ERR_NAME_NOT_RESOLVED on every site. > > > > > > Turns out it's a case of "rolling its own DNS and wanting to open > > > resolv.conf", cf. https://marc.info/?l=openbsd-ports&m=177389567528083. > > > So I've added > > > > > > /etc/resolv.conf r > > > /etc/hosts r > > > /etc/services r > > > /etc/protocols r > > > > > > to unveil.main and that seems to fix things. Should these also be in > > > the other unveil files? > > > > > > Thanks to Bryan and Claudio for the quick pointers. > > > > > > > > > --- /usr/local/share/examples/chromium/unveil.main Thu Mar 19 06:46:08 2026 > > > +++ /etc/chromium/unveil.main Sat Mar 21 20:43:40 2026 > > > @@ -15,6 +15,12 @@ > > > > > > /dev/null rw > > > > > > +# needed for self-implemented DNS resolution > > > +/etc/resolv.conf r > > > +/etc/hosts r > > > +/etc/services r > > > +/etc/protocols r > > > + > > > # needed for chromium > > > /etc/chromium r > > > > > > > >