From: Antonio Quartulli <a@unstable.cc>
Date: Sun, 9 Jan 2022 14:24:55 +0000 (+0100)
Subject: linux: add access syscall to seccomp rules
X-Git-Tag: 1.0.14~26
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0ea4b1a5e0e9c35d960145d25166e92a9990227f;p=thirdparty%2Flldpd.git

linux: add access syscall to seccomp rules

Signed-off-by: Antonio Quartulli <a@unstable.cc>
---

diff --git a/src/daemon/priv-seccomp.c b/src/daemon/priv-seccomp.c
index 5608c5f0..32097d31 100644
--- a/src/daemon/priv-seccomp.c
+++ b/src/daemon/priv-seccomp.c
@@ -178,6 +178,7 @@ priv_seccomp_init(int remote, int child)
 	    (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(gettimeofday), 0)) < 0 ||
 	    (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(newfstatat), 0)) < 0 ||
 	    (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(pread64), 0)) < 0 ||
+	    (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(access), 0)) < 0 ||
 	    /* The following are for resolving addresses */
 	    (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap), 0)) < 0 ||
 	    (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(munmap), 0)) < 0 ||