forked from pool/openssh
2d48f44a64
- Add openssh-8.1p1-seccomp-clock_nanosleep.patch, allow clock_nanosleep glibc master implements multiple functions using that syscall making the privsep sandbox kill the preauth process. OBS-URL: https://build.opensuse.org/request/show/746672 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=201
15 lines
460 B
Diff
15 lines
460 B
Diff
Index: openssh-8.1p1/sandbox-seccomp-filter.c
|
|
===================================================================
|
|
--- openssh-8.1p1.orig/sandbox-seccomp-filter.c
|
|
+++ openssh-8.1p1/sandbox-seccomp-filter.c
|
|
@@ -248,6 +248,9 @@ static const struct sock_filter preauth_
|
|
#ifdef __NR_nanosleep
|
|
SC_ALLOW(__NR_nanosleep),
|
|
#endif
|
|
+#ifdef __NR_clock_nanosleep
|
|
+ SC_ALLOW(__NR_clock_nanosleep),
|
|
+#endif
|
|
#ifdef __NR__newselect
|
|
SC_ALLOW(__NR__newselect),
|
|
#endif
|