blob: c5d2cba3051ebbeb9631ad55066739ac67379510 [file] [log] [blame]
From 7625a555797f587a89dc2447fd9d621024d5165c Mon Sep 17 00:00:00 2001
From: Roy Marples <roy@marples.name>
Date: Fri, 26 Aug 2022 09:24:50 +0100
Subject: [PATCH 2/2] privsep: Allow newfstatat syscall as well
Allows newer glibc variants to work apparently.
As reported in #84 and #89.
Upstream-Status: Backport [7625a555797f587a89dc2447fd9d621024d5165c]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
src/privsep-linux.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/privsep-linux.c b/src/privsep-linux.c
index 479a1d82..6327b1bc 100644
--- a/src/privsep-linux.c
+++ b/src/privsep-linux.c
@@ -328,6 +328,9 @@ static struct sock_filter ps_seccomp_filter[] = {
#ifdef __NR_nanosleep
SECCOMP_ALLOW(__NR_nanosleep), /* XXX should use ppoll instead */
#endif
+#ifdef __NR_newfstatat
+ SECCOMP_ALLOW(__NR_newfstatat),
+#endif
#ifdef __NR_ppoll
SECCOMP_ALLOW(__NR_ppoll),
#endif
--
2.17.1