commit: 79ba1186abb5ae1702dc3233be4dc94113ae2830 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Mon Nov 29 01:12:51 2021 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Mon Nov 29 01:12:51 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=79ba1186
net-misc/lldpd: fix runtime (seccomp filter) with glibc-2.33 Our patch already had newfstatat but we need to add pread64 too (now done upstream). Closes: https://bugs.gentoo.org/827736 Signed-off-by: Sam James <sam <AT> gentoo.org> net-misc/lldpd/files/lldpd-1.0.13-glibc-2.33.patch | 19 +++++++++++++++++++ .../{lldpd-1.0.12.ebuild => lldpd-1.0.12-r1.ebuild} | 2 +- .../{lldpd-1.0.13.ebuild => lldpd-1.0.13-r1.ebuild} | 4 ++-- 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/net-misc/lldpd/files/lldpd-1.0.13-glibc-2.33.patch b/net-misc/lldpd/files/lldpd-1.0.13-glibc-2.33.patch new file mode 100644 index 000000000000..68f3592ec9b6 --- /dev/null +++ b/net-misc/lldpd/files/lldpd-1.0.13-glibc-2.33.patch @@ -0,0 +1,19 @@ +https://bugs.gentoo.org/827736 +https://github.com/lldpd/lldpd/commit/e57bf5ea66a70ff87bba5c39c0e10c071b4af824 + +From: Benedikt Neuffer <[email protected]> +Date: Sat, 27 Nov 2021 17:07:50 +0100 +Subject: [PATCH] linux: add missing SECCOMP rules + +Signed-off-by: Benedikt Neuffer <[email protected]> +--- a/src/daemon/priv-seccomp.c ++++ b/src/daemon/priv-seccomp.c +@@ -176,6 +176,8 @@ priv_seccomp_init(int remote, int child) + (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(sendmmsg), 0)) < 0 || + (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(clock_gettime), 0)) < 0 || + (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(gettimeofday), 0)) < 0 || ++ (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(newfstatat), 0)) < 0 || ++ (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(pread64), 0)) < 0 || + /* The following are for resolving addresses */ + (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mmap), 0)) < 0 || + (rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(munmap), 0)) < 0 || diff --git a/net-misc/lldpd/lldpd-1.0.12.ebuild b/net-misc/lldpd/lldpd-1.0.12-r1.ebuild similarity index 98% rename from net-misc/lldpd/lldpd-1.0.12.ebuild rename to net-misc/lldpd/lldpd-1.0.12-r1.ebuild index 5a034bc1d1a4..7f942ca82105 100644 --- a/net-misc/lldpd/lldpd-1.0.12.ebuild +++ b/net-misc/lldpd/lldpd-1.0.12-r1.ebuild @@ -40,7 +40,7 @@ BDEPEND="virtual/pkgconfig REQUIRED_USE="graph? ( doc )" PATCHES=( - "${FILESDIR}/lldpd-1.0.10-glibc-2.33.patch" + "${FILESDIR}/${PN}-1.0.13-glibc-2.33.patch" ) src_prepare() { diff --git a/net-misc/lldpd/lldpd-1.0.13.ebuild b/net-misc/lldpd/lldpd-1.0.13-r1.ebuild similarity index 96% rename from net-misc/lldpd/lldpd-1.0.13.ebuild rename to net-misc/lldpd/lldpd-1.0.13-r1.ebuild index 2e1925b588b5..146a3f5d5986 100644 --- a/net-misc/lldpd/lldpd-1.0.13.ebuild +++ b/net-misc/lldpd/lldpd-1.0.13-r1.ebuild @@ -40,14 +40,14 @@ BDEPEND="virtual/pkgconfig REQUIRED_USE="graph? ( doc )" PATCHES=( - "${FILESDIR}/lldpd-1.0.10-glibc-2.33.patch" + # Can drop this on next release; upstream. + "${FILESDIR}/${P}-glibc-2.33.patch" ) src_prepare() { default eautoreconf - elibtoolize } src_configure() {
