seccomp: Add newfstatat to list of allowed syscalls

...it looks like, on a recent Fedora installation, daemon() uses it.

Reported-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
Stefano Brivio 2021-10-21 20:18:17 +02:00
parent d36e429bc6
commit 1fc6416cf9

View file

@ -278,7 +278,7 @@ static void pid_file(struct ctx *c) {
* #syscalls prlimit64 epoll_ctl epoll_create1 epoll_wait accept4 accept listen
* #syscalls socket bind connect getsockopt setsockopt recvfrom sendto shutdown
* #syscalls openat fstat fcntl lseek clone setsid exit_group getpid
* #syscalls clock_gettime
* #syscalls clock_gettime newfstatat
* #syscalls:pasta rt_sigreturn
*/
int main(int argc, char **argv)