19 Jul 2018 - 19 May 2025

Sep	OCT	Jan
	20
2017	2018	2019

success

fail

About this capture

COLLECTED BY

Organization:Internet Archive

These crawls are part of an effort to archive pages as they are created and archive the pages that they refer to. That way, as the pages that are referenced are changed or taken from the web, a link to the version that was live when the page was written will be preserved.

Then the Internet Archive hopes that references to these archived pages will be put in place of a link that would be otherwise be broken, or a companion link to allow people to see what was originally intended by a page's authors.

The goal is tofix all broken links on the web. Crawls of supported "No More 404" sites.

Collection:Wikipedia Near Real Time (from IRC)

This is a collection of web page captures from links added to, or changed on, Wikipedia pages. The idea is to bring a reliability to Wikipedia outlinks so that if the pages referenced by Wikipedia articles are changed, or go away, a reader can permanently find what was originally referred to.

This is part of the Internet Archive's attempt torid the web of broken links.

TIMESTAMPS

NAME

unveil —

unveil parts of a restricted filesystem view

SYNOPSIS

#include <unistd.h>

int
unveil(const char *path,const char *permissions);

DESCRIPTION

The first call tounveil removes visibility of the entire filesystem from all other filesystem-related system calls (such asopen(2),chmod(2) andrename(2)), except for the specifiedpath andpermission. Subsequent calls tounveil can expose additional paths with specified permissions in the filesystem.

Theunveil call itself is treated specially and can continue to see the filesystem for subsequent calls.

Future calls tounveil can be blocked by passing twoNULL arguments. If the veil is not yet active, this does not activate it. Alternatively,pledge(2) may be used to remove theunveil promise.

Thepermissions argument points to a string consisting of the following characters:

r: Makepath available for read operations, corresponding to thepledge(2) promiserpath.
w: Makepath available for write operations, corresponding to thepledge(2) promisewpath.
x: Makepath available for execute operations, corresponding to thepledge(2) promiseexec.
c: Allowpath to be created and removed, corresponding to thepledge(2) promisecpath.

Apath that is a directory will enable all filesystem access underneathpath usingpermissions if and only if no more specific matchingunveil() exists at a lower level. Directories are remembered at the time of a call tounveil(). This means that a directory that is removed and recreated after a call tounveil() will appear to not exist.

Non-directory paths are remembered by name within their containing directory, and so may be created, removed, or re-created after a call tounveil() and still appear to exist.

Attempts to access paths not allowed byunveil will result in an error ofEACCES when thepermissions argument does not match the attempted operation.ENOENT is returned for paths for which nounveil permissions qualify.

As withpledge(2), the use ofunveil() in an application will require lots of study and understanding of the interfaces called. In most cases it is best practice to unveil the directories in which an application makes use of files.

RETURN VALUES

Upon successful completion, the value 0 is returned; otherwise the value -1 is returned and the global variableerrno is set to indicate the error.

ERRORS


E2BIG: The addition ofpath would exceed the per-process limit for unveiled paths.

ENOENT: A directory inpath did not exist.

EINVAL: An invalid value ofpermissions was used.

EPERM: An attempt to increase permissions was made, or thepath was not accessible, orunveil was called after locking.

HISTORY

Theunveil() system call first appeared inOpenBSD 6.4.

BUGS

Filesystem lookups work today when they cross anunveil() duringnamei(9) lookup in the kernel. A program that does relative operations below a higherunveil() may currently not see the parts of the filesystem underneath the high level unveil. This is actively being worked on.