Authored and Committed by zbyszek 2 months ago
1 file changed. 2 lines added. 1 lines removed.
    Add more syscalls to the allow list (fixes #2022961)
    It tried to debug this, but it's not easy. Things happen very early in
    glibc initialization, too quickly after fork for strace to show. After looking
    at the changes in glibc, the reason why mprotect(2) seems easy, I also filed a
    pull request to add it to @default filter in systemd. setsid is called from the
    daemonization code, but I'm not sure why it didn't cause an issue earlier. Either
    new syscalls are called, or something changed in error handling…
