The addition of unveil broke interactive mode since ask() assumes the default answer if it fails to open _PATH_TTY. Questions are only asked if neither force nor batch mode is activated, so condition on those.
It seams cleaner to do unveil _PATH_TTY than to add a tty pledge since as far as I can see no ioctls on /dev/tty are emitted. Without this patch: $ cd usr.bin $ patch -Rs < /path/to/patch.below File to patch: No file found--skip this patch? [y] 1 out of 1 hunks ignored--saving rejects to Oops.rej With this patch: $ cd usr.bin $ patch -Rs < /path/to/patch.below File to patch: patch/patch.c Unreversed (or previously applied) patch detected! Ignore -R? [y] y Obviously the unveil(".", rwc) places restrictions on the path that can be given, but that's expected. Index: patch.c =================================================================== RCS file: /cvs/src/usr.bin/patch/patch.c,v retrieving revision 1.73 diff -u -p -4 -r1.73 patch.c --- patch.c 15 Jul 2023 10:42:54 -0000 1.73 +++ patch.c 19 Jul 2023 11:09:37 -0000 @@ -222,8 +222,13 @@ main(int argc, char *argv[]) if (unveil(filearg[1], "r") == -1) { perror("unveil"); my_exit(2); } + if (!force && !batch) + if (unveil(_PATH_TTY, "rw") == -1) { + perror("unveil"); + my_exit(2); + } if (unveil(".", "rwc") == -1) { perror("unveil"); my_exit(2); }