Add the poll() syscall as permitted by the sandbox
Apparently, sometimes getpwnam will call this. Fixes bug 25513.
This commit is contained in:
parent
3370b3cfef
commit
070eda5a21
|
@ -0,0 +1,4 @@
|
|||
o Minor features (sandbox):
|
||||
- Explicitly permit the poll() system call when the Linux seccomp2-based
|
||||
sandbox is enabled: apparently, some versions of libc use poll() when
|
||||
calling getpwnam(). Closes ticket 25313.
|
|
@ -247,7 +247,8 @@ static int filter_nopar_gen[] = {
|
|||
SCMP_SYS(recvmsg),
|
||||
SCMP_SYS(recvfrom),
|
||||
SCMP_SYS(sendto),
|
||||
SCMP_SYS(unlink)
|
||||
SCMP_SYS(unlink),
|
||||
SCMP_SYS(poll)
|
||||
};
|
||||
|
||||
/* These macros help avoid the error where the number of filters we add on a
|
||||
|
|
Loading…
Reference in New Issue