Support newer glib versions (Bug#59061)

* lib-src/seccomp-filter.c (main): Allow pidfd_open system call
2022-12-09 19:32:14 +01:00
parent 0bd26abf7f
commit 940d9070e9
1 changed files with 2 additions and 0 deletions
--- a/lib-src/seccomp-filter.c
+++ b/lib-src/seccomp-filter.c
@@ -342,6 +342,8 @@ main (int argc, char **argv)
  RULE (SCMP_ACT_ALLOW, SCMP_SYS (eventfd2));
  RULE (SCMP_ACT_ALLOW, SCMP_SYS (wait4));
  RULE (SCMP_ACT_ALLOW, SCMP_SYS (poll));
+  RULE (SCMP_ACT_ALLOW, SCMP_SYS (pidfd_open),
+	SCMP_A1_32 (SCMP_CMP_EQ, 0));

  /* Don't allow creating sockets (network access would be extremely
     dangerous), but also don't crash.  */