glibc calls clock_nanosleep_time64 syscall even if it not defined in
the headers for this arch and the seccomp filter kills the process
with because an unknown syscall.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && sed -i "s/lkrb5 -ldes/lkrb5/" configure
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/OpenSSH-8.2p1_glibc-2.31_clock_nanosleep_time64.patch
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--sysconfdir=/etc/ssh \
--- /dev/null
+diff -Naur openssh-8.2p1.org/sandbox-seccomp-filter.c openssh-8.2p1/sandbox-seccomp-filter.c
+--- openssh-8.2p1.org/sandbox-seccomp-filter.c 2020-04-10 18:14:56.152309584 +0200
++++ openssh-8.2p1/sandbox-seccomp-filter.c 2020-04-10 21:05:45.827921765 +0200
+@@ -253,6 +253,9 @@
+ #endif
+ #ifdef __NR_clock_nanosleep_time64
+ SC_ALLOW(__NR_clock_nanosleep_time64),
++#else
++ /* on i586 glibc call syscall 407 which is not defined */
++ SC_ALLOW(407),
+ #endif
+ #ifdef __NR_clock_gettime64
+ SC_ALLOW(__NR_clock_gettime64),