Blame SOURCES/0001-libtracker-common-whitelist-openat.patch
|
 |
17ea09 |
From f2a784e2fc28b169b2c70ed9dd72d9aaa9dec68a Mon Sep 17 00:00:00 2001
|
|
|
17ea09 |
From: Felipe Borges <felipeborges@gnome.org>
|
|
|
17ea09 |
Date: Tue, 9 May 2017 15:17:27 +0200
|
|
|
17ea09 |
Subject: [PATCH] libtracker-common: Whitelist openat()
|
|
|
17ea09 |
|
|
|
17ea09 |
tracker-extract-iso depends on libosinfo, which needs the
|
|
|
17ea09 |
openat system call.
|
|
|
17ea09 |
---
|
|
|
17ea09 |
src/libtracker-common/tracker-seccomp.c | 2 ++
|
|
|
17ea09 |
1 file changed, 2 insertions(+)
|
|
|
17ea09 |
|
|
|
17ea09 |
diff --git a/src/libtracker-common/tracker-seccomp.c b/src/libtracker-common/tracker-seccomp.c
|
|
|
17ea09 |
index 1af380c93..e02dc2fd9 100644
|
|
|
17ea09 |
--- a/src/libtracker-common/tracker-seccomp.c
|
|
|
17ea09 |
+++ b/src/libtracker-common/tracker-seccomp.c
|
|
|
17ea09 |
@@ -159,6 +159,8 @@ tracker_seccomp_init (void)
|
|
|
17ea09 |
ALLOW_RULE (getsockname);
|
|
|
17ea09 |
ALLOW_RULE (getpeername);
|
|
|
17ea09 |
ALLOW_RULE (shutdown);
|
|
|
17ea09 |
+ /* Needed by libosinfo (tracker-extract-iso) */
|
|
|
17ea09 |
+ ALLOW_RULE (openat);
|
|
|
17ea09 |
|
|
|
17ea09 |
/* Special requirements for socket/socketpair, only on AF_UNIX/AF_LOCAL */
|
|
|
17ea09 |
if (seccomp_rule_add (ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 1,
|
|
|
17ea09 |
--
|
|
|
17ea09 |
2.12.2
|
|
|
17ea09 |
|