rpms / ocserv

Clone
Source Code
GIT

Files

  1.   361405c03bd3ce6a4ce282a1861777c94c011828
  2.   ocserv-1.1.1-socketwrapper.patch
Blob Blame History Raw 
diff --git a/src/worker-privs.c b/src/worker-privs.c
index ea503cd0..3d4d5fa4 100644
--- a/src/worker-privs.c
+++ b/src/worker-privs.c
@@ -166,6 +166,14 @@ int disable_system_calls(struct worker_st *ws)
 	ADD_SYSCALL(fstat, 0);
 	ADD_SYSCALL(lseek, 0);
 
+	/* if running under socketwrapper ensure we allow its calls */
+	if (getenv("SOCKET_WRAPPER_DIR") != NULL) {
+		ADD_SYSCALL(stat64, 0);
+		ADD_SYSCALL(readlink, 0);
+		ADD_SYSCALL(newfstatat, 0);
+		ADD_SYSCALL(mmap, 0);
+	}
+
 	ADD_SYSCALL(getsockopt, 0);
 	ADD_SYSCALL(setsockopt, 0);
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.