privsep: Allow ioctl TIOCGWINSZ for dumping leases on musl

author Roy Marples <roy@alpine.my.domain>

Fri, 24 Feb 2023 10:17:27 +0000 (10:17 +0000)

committer Roy Marples <roy@alpine.my.domain>

Fri, 24 Feb 2023 10:17:27 +0000 (10:17 +0000)
author Roy Marples <roy@alpine.my.domain>
Fri, 24 Feb 2023 10:17:27 +0000 (10:17 +0000)
committer Roy Marples <roy@alpine.my.domain>
Fri, 24 Feb 2023 10:17:27 +0000 (10:17 +0000)
diff --git a/src/privsep-linux.c b/src/privsep-linux.c

index 2c54152163b0a5cea803bdb3da405f3e886a500e..28d009741098adf4943ce19032b0e0f84841ac61 100644 (file)
--- a/src/privsep-linux.c
+++ b/src/privsep-linux.c
@@ -30,7 +30,6 @@
  #include <sys/prctl.h>
  #include <sys/socket.h>
  #include <sys/syscall.h>
-#include <sys/termios.h>       /* For TCGETS */
  
  #include <linux/audit.h>
  #include <linux/filter.h>
@@ -40,10 +39,12 @@
  
  #include <errno.h>
  #include <fcntl.h>
+#include <signal.h>
  #include <stddef.h>
  #include <stdio.h>
  #include <stdlib.h>
  #include <string.h>
+#include <termios.h>   /* For TCGETS */
  #include <unistd.h>
  
  #include "common.h"
@@ -348,6 +349,8 @@ static struct sock_filter ps_seccomp_filter[] = {
         SECCOMP_ALLOW_ARG(__NR_ioctl, 1, SIOCGIFVLAN),
         /* printf over serial terminal requires this */
         SECCOMP_ALLOW_ARG(__NR_ioctl, 1, TCGETS),
+       /* dumping leases on musl requires this */
+       SECCOMP_ALLOW_ARG(__NR_ioctl, 1, TIOCGWINSZ),
         /* SECCOMP BPF is newer than nl80211 so we don't need SIOCGIWESSID
          * which lives in the impossible to include linux/wireless.h header */
  #endif
author	Roy Marples <roy@alpine.my.domain>
	Fri, 24 Feb 2023 10:17:27 +0000 (10:17 +0000)
committer	Roy Marples <roy@alpine.my.domain>
	Fri, 24 Feb 2023 10:17:27 +0000 (10:17 +0000)