Permit sendmsg in the seccomp syscall whitelist for all daemons.

2014-04-15 14:57:07 -04:00 · 2014-04-15 14:57:07 -04:00 · e5834da6d3
commit e5834da6d3
parent b5f0ccd88d
1 changed files with 3 additions and 0 deletions
--- a/src/seccomp.c
+++ b/src/seccomp.c
@ -49,6 +49,7 @@ int enforce_seccomp_ndhc(void)
 #if defined(__x86_64__) || (defined(__arm__) && defined(__ARM_EABI__))
        ALLOW_SYSCALL(sendto), // used for glibc syslog routines
        ALLOW_SYSCALL(recvmsg),
+        ALLOW_SYSCALL(sendmsg),
        ALLOW_SYSCALL(recvfrom),
        ALLOW_SYSCALL(connect),
 #elif defined(__i386__)
@ -120,6 +121,7 @@ int enforce_seccomp_ifch(void)
 #if defined(__x86_64__) || (defined(__arm__) && defined(__ARM_EABI__))
        ALLOW_SYSCALL(sendto), // used for glibc syslog routines
        ALLOW_SYSCALL(recvmsg),
+        ALLOW_SYSCALL(sendmsg),
        ALLOW_SYSCALL(recvfrom),
        ALLOW_SYSCALL(socket),
 #elif defined(__i386__)
@ -178,6 +180,7 @@ int enforce_seccomp_sockd(void)
 #if defined(__x86_64__) || (defined(__arm__) && defined(__ARM_EABI__))
        ALLOW_SYSCALL(sendto), // used for glibc syslog routines
        ALLOW_SYSCALL(recvmsg),
+        ALLOW_SYSCALL(sendmsg),
        ALLOW_SYSCALL(recvfrom),
        ALLOW_SYSCALL(socket),
        ALLOW_SYSCALL(setsockopt),