From f452e0461fca01d92b8e367b6ad22459a2c641ff Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 24 Mar 2023 14:52:34 +0100
Subject: [PATCH] man: update syscal filter group list

---
 man/systemd.exec.xml | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 4001123a962..17be33c56a2 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -2350,6 +2350,10 @@ RestrictNamespaces=~cgroup net</programlisting>
                 <entry>@obsolete</entry>
                 <entry>Unusual, obsolete or unimplemented (<citerefentry project='man-pages'><refentrytitle>create_module</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>gtty</refentrytitle><manvolnum>2</manvolnum></citerefentry>, â¦)</entry>
               </row>
+              <row>
+                <entry>@pkey</entry>
+                <entry>System calls that deal with memory protection keys (<citerefentry project='man-pages'><refentrytitle>pkeys</refentrytitle><manvolnum>7</manvolnum></citerefentry>)</entry>
+              </row>
               <row>
                 <entry>@privileged</entry>
                 <entry>All system calls which need super-user capabilities (<citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>)</entry>
@@ -2370,6 +2374,10 @@ RestrictNamespaces=~cgroup net</programlisting>
                 <entry>@resources</entry>
                 <entry>System calls for changing resource limits, memory and scheduling parameters (<citerefentry project='man-pages'><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>, â¦)</entry>
               </row>
+              <row>
+                <entry>@sandbox</entry>
+                <entry>System calls for sandboxing programs (<citerefentry project='man-pages'><refentrytitle>seccomp</refentrytitle><manvolnum>2</manvolnum></citerefentry>, Landlock system calls, â¦)</entry>
+              </row>
               <row>
                 <entry>@setuid</entry>
                 <entry>System calls for changing user ID and group ID credentials, (<citerefentry project='man-pages'><refentrytitle>setuid</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>setgid</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>setresuid</refentrytitle><manvolnum>2</manvolnum></citerefentry>, â¦)</entry>
-- 
2.47.3

