diff --git a/changes/bug15003 b/changes/bug15003
new file mode 100644
index 000000000..2dcce74df
--- /dev/null
+++ b/changes/bug15003
@@ -0,0 +1,3 @@
+  o Major bugfixes (linux seccomp2 sandbox):
+    - Allow AF_UNIX hidden services to be used with the seccomp2 sandbox.
+      Fixes bug 15003; bugfix on 0.2.6.3-alpha.
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 57847e137..fe97af309 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -542,6 +542,11 @@ sb_socket(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
       return rc;
   }
 
+  rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket),
+      SCMP_CMP(0, SCMP_CMP_EQ, PF_UNIX),
+      SCMP_CMP_MASKED(1, SOCK_CLOEXEC|SOCK_NONBLOCK, SOCK_STREAM),
+      SCMP_CMP(2, SCMP_CMP_EQ, 0));
+
   rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket),
       SCMP_CMP(0, SCMP_CMP_EQ, PF_NETLINK),
       SCMP_CMP(1, SCMP_CMP_EQ, SOCK_RAW),