From 137bff6e449c408cdf4733ea6407fe6813153ea7cb9d8cca045fc6fff2e14d2f Mon Sep 17 00:00:00 2001
From: Peter Simons <peter.simons@suse.com>
Date: Mon, 14 May 2018 11:49:10 +0000
Subject: [PATCH] Enable wait4(), sysinfo(), and shutdown() syscalls in seccomp
 sandbox. These are required for the daemon to work properly on SLE-15.
 [bsc#1089088]

OBS-URL: https://build.opensuse.org/package/show/network/vsftpd?expand=0&rev=125
---
 vsftpd-enable-syscalls-needed-by-sle15.patch | 18 ++++++++++++++++++
 vsftpd.changes                               |  7 +++++++
 vsftpd.spec                                  |  2 ++
 3 files changed, 27 insertions(+)
 create mode 100644 vsftpd-enable-syscalls-needed-by-sle15.patch

diff --git a/vsftpd-enable-syscalls-needed-by-sle15.patch b/vsftpd-enable-syscalls-needed-by-sle15.patch
new file mode 100644
index 0000000..b4633a7
--- /dev/null
+++ b/vsftpd-enable-syscalls-needed-by-sle15.patch
@@ -0,0 +1,18 @@
+Index: vsftpd-3.0.3/seccompsandbox.c
+===================================================================
+--- vsftpd-3.0.3.orig/seccompsandbox.c	2018-04-25 06:34:52.154728803 +0000
++++ vsftpd-3.0.3/seccompsandbox.c	2018-04-25 06:37:43.071314942 +0000
+@@ -306,6 +306,13 @@ seccomp_sandbox_setup_base()
+   allow_nr(__NR_restart_syscall);
+   allow_nr(__NR_close);
+   
++  /* Required on SLE-15 because of changes in 3rd party libraries.
++   * Reported in bsc#1089088.
++   */
++  allow_nr(__NR_wait4);
++  allow_nr(__NR_sysinfo);
++  allow_nr(__NR_shutdown);
++
+  /*
+   * Calls to alarm and date
+   * Seems to be some part of the logging
diff --git a/vsftpd.changes b/vsftpd.changes
index 347db40..3d6197e 100644
--- a/vsftpd.changes
+++ b/vsftpd.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Apr 25 06:32:25 UTC 2018 - psimons@suse.com
+
+- Enable wait4(), sysinfo(), and shutdown() syscalls in seccomp
+  sandbox. These are required for the daemon to work properly on
+  SLE-15. [bsc#1089088]
+
 -------------------------------------------------------------------
 Tue Apr  3 11:48:08 UTC 2018 - vcizek@suse.com
 
diff --git a/vsftpd.spec b/vsftpd.spec
index 69937b6..15cc783 100644
--- a/vsftpd.spec
+++ b/vsftpd.spec
@@ -82,6 +82,7 @@ Patch27:        vsftpd-mdtm-in-utc.patch
 Patch28:        vsftpd-die-with-session.patch
 Patch29:        vsftpd-append-seek-pipe.patch
 Patch30:        vsftpd-3.0.3-address_space_limit.patch
+Patch31:        vsftpd-enable-syscalls-needed-by-sle15.patch
 BuildRequires:  libcap-devel
 BuildRequires:  libopenssl-devel
 BuildRequires:  pam-devel
@@ -144,6 +145,7 @@ tests.
 %patch28 -p1
 %patch29 -p1
 %patch30 -p1
+%patch31 -p1
 
 %build
 %define seccomp_opts -D_GNU_SOURCE -DUSE_SECCOMP