[Git][NTPsec/ntpsec][master] Fix seccomp/sandbox to work with --disable_dns_lookup
Hal Murray
gitlab at mg.gitlab.com
Sat Nov 25 16:58:52 UTC 2017
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
29501079 by Hal Murray at 2017-11-25T08:32:37-08:00
Fix seccomp/sandbox to work with --disable_dns_lookup
- - - - -
1 changed file:
- ntpd/ntp_sandbox.c
Changes:
=====================================
ntpd/ntp_sandbox.c
=====================================
--- a/ntpd/ntp_sandbox.c
+++ b/ntpd/ntp_sandbox.c
@@ -294,6 +294,12 @@ int scmp_sc[] = {
SCMP_SYS(fcntl),
SCMP_SYS(fstat),
SCMP_SYS(fsync),
+
+#ifndef ENABLE_DNS_LOOKUP
+ /* libcrypto uses pthread_once() */
+ SCMP_SYS(futex), /* sem_xxx, used by threads */
+#endif
+
#ifdef __NR_getrandom
SCMP_SYS(getrandom), /* 3.17 kernel */
#endif
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/2950107979873e09fa152b0b60052294646a232d
---
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/2950107979873e09fa152b0b60052294646a232d
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20171125/a3b6e3d9/attachment.html>
More information about the vc
mailing list