slaacd does not have include statements
open the control socket earlier, then unveil().
diff --git sbin/slaacd/slaacd.c sbin/slaacd/slaacd.c
index 9c3f64f407d..990614df734 100644
--- sbin/slaacd/slaacd.c
+++ sbin/slaacd/slaacd.c
@@ -179,6 +179,16 @@ main(int argc, char *argv[])
if (getpwnam(SLAACD_USER) == NULL)
errx(1, "unknown user %s", SLAACD_USER);
+#ifndef SMALL
+ if ((control_fd = control_init(csock)) == -1)
+ fatalx("control socket setup failed");
+#endif /* SMALL */
+
+ if (unveil(saved_argv0, "x") == -1)
+ err(1, "unveil");
+ if (unveil(NULL, NULL) == -1)
+ err(1, "unveil");
+
log_init(debug, LOG_DAEMON);
log_setverbose(verbose);
@@ -276,11 +286,6 @@ main(int argc, char *argv[])
&rtfilter, sizeof(rtfilter)) == -1)
fatal("setsockopt(ROUTE_MSGFILTER)");
-#ifndef SMALL
- if ((control_fd = control_init(csock)) == -1)
- fatalx("control socket setup failed");
-#endif /* SMALL */
-
if (pledge("stdio sendfd wroute", NULL) == -1)
fatal("pledge");
