added missing seccomp filters

Whonix · Aug 14, 2023 · 34e9f42 · 34e9f42
1 parent d11ed97
commit 34e9f42
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/lib/systemd/system/kloak.service b/lib/systemd/system/kloak.service
@@ -55,7 +55,7 @@ NoNewPrivileges=true
 RestrictRealtime=true
 RestrictNamespaces=true
 SystemCallArchitectures=native
-SystemCallFilter=ioctl nanosleep select write read openat close brk fstat lseek mmap mprotect munmap rt_sigaction rt_sigprocmask access execve getuid arch_prctl set_tid_address set_robust_list prlimit64 pread64 getrandom
+SystemCallFilter=ioctl nanosleep select write read openat close brk fstat lseek mmap mprotect munmap rt_sigaction rt_sigprocmask access execve getuid arch_prctl set_tid_address set_robust_list prlimit64 pread64 getrandom newfstatat poll
 
 [Install]
 WantedBy=multi-user.target