You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27 lines
967 B
27 lines
967 B
From f2a784e2fc28b169b2c70ed9dd72d9aaa9dec68a Mon Sep 17 00:00:00 2001 |
|
From: Felipe Borges <felipeborges@gnome.org> |
|
Date: Tue, 9 May 2017 15:17:27 +0200 |
|
Subject: [PATCH] libtracker-common: Whitelist openat() |
|
|
|
tracker-extract-iso depends on libosinfo, which needs the |
|
openat system call. |
|
--- |
|
src/libtracker-common/tracker-seccomp.c | 2 ++ |
|
1 file changed, 2 insertions(+) |
|
|
|
diff --git a/src/libtracker-common/tracker-seccomp.c b/src/libtracker-common/tracker-seccomp.c |
|
index 1af380c93..e02dc2fd9 100644 |
|
--- a/src/libtracker-common/tracker-seccomp.c |
|
+++ b/src/libtracker-common/tracker-seccomp.c |
|
@@ -159,6 +159,8 @@ tracker_seccomp_init (void) |
|
ALLOW_RULE (getsockname); |
|
ALLOW_RULE (getpeername); |
|
ALLOW_RULE (shutdown); |
|
+ /* Needed by libosinfo (tracker-extract-iso) */ |
|
+ ALLOW_RULE (openat); |
|
|
|
/* Special requirements for socket/socketpair, only on AF_UNIX/AF_LOCAL */ |
|
if (seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 1, |
|
-- |
|
2.12.2 |
|
|
|
|