From 95c66cc95058b9a918dbd1ef756b9da6abdd7eee Mon Sep 17 00:00:00 2001 From: Jude Taylor Date: Fri, 30 Oct 2015 20:32:11 -0700 Subject: [PATCH] add special devices to sandbox-defaults --- src/libstore/sandbox-defaults.sb.in | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/libstore/sandbox-defaults.sb.in b/src/libstore/sandbox-defaults.sb.in index 12c39fa7f..702f05602 100644 --- a/src/libstore/sandbox-defaults.sb.in +++ b/src/libstore/sandbox-defaults.sb.in @@ -35,7 +35,10 @@ (literal "/private/var/run/resolv.conf")) ; some builders use filehandles other than stdin/stdout -(allow file* (subpath "/dev/fd")) +(allow file* + (subpath "/dev/fd") + (literal "/dev/ptmx") + (regex #"^/dev/[pt]ty.*$")) ; allow everything inside TMP (allow file* process-exec