diff options
| author | Brent Baude <bbaude@redhat.com> | 2020-08-19 14:03:12 -0500 |
|---|---|---|
| committer | Brent Baude <bbaude@redhat.com> | 2020-08-19 15:07:53 -0500 |
| commit | c50d37bc1045f1a493c89137eb1139cf5d910e0f (patch) | |
| tree | d3c934cf8ff2a6caf78a51f931034ec57d0089be /seccomp.json | |
| parent | 1deb4d1d70efb6d62f4fe5e735c94523f930b6d7 (diff) | |
| download | podman-c50d37bc1045f1a493c89137eb1139cf5d910e0f.tar.gz podman-c50d37bc1045f1a493c89137eb1139cf5d910e0f.tar.bz2 podman-c50d37bc1045f1a493c89137eb1139cf5d910e0f.zip | |
Fix v2.0.x CI
Fix the Ci for our 2.0.x branch.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Diffstat (limited to 'seccomp.json')
| -rw-r--r-- | seccomp.json | 60 |
1 files changed, 27 insertions, 33 deletions
diff --git a/seccomp.json b/seccomp.json index fd0681a86..ba129383d 100644 --- a/seccomp.json +++ b/seccomp.json @@ -65,9 +65,11 @@ "chmod", "chown", "chown32", + "clock_adjtime", "clock_getres", "clock_gettime", "clock_nanosleep", + "clone", "close", "connect", "copy_file_range", @@ -167,6 +169,7 @@ "io_setup", "io_submit", "ipc", + "keyctl", "kill", "lchown", "lchown32", @@ -218,6 +221,7 @@ "pause", "pipe", "pipe2", + "pivot_root", "poll", "ppoll", "prctl", @@ -329,6 +333,7 @@ "sync_file_range", "syncfs", "sysinfo", + "syslog", "tee", "tgkill", "time", @@ -525,7 +530,8 @@ "names": [ "s390_pci_mmio_read", "s390_pci_mmio_write", - "s390_runtime_instr" + "s390_runtime_instr", + "clone" ], "action": "SCMP_ACT_ALLOW", "args": [], @@ -565,7 +571,6 @@ "setdomainname", "sethostname", "setns", - "syslog", "umount", "umount2", "unshare" @@ -678,6 +683,23 @@ }, { "names": [ + "get_mempolicy", + "mbind", + "name_to_handle_at", + "set_mempolicy" + ], + "action": "SCMP_ACT_ALLOW", + "args": [], + "comment": "", + "includes": { + "caps": [ + "CAP_SYS_NICE" + ] + }, + "excludes": {} + }, + { + "names": [ "acct" ], "action": "SCMP_ACT_ALLOW", @@ -726,7 +748,9 @@ "names": [ "settimeofday", "stime", - "clock_settime" + "clock_settime", + "clock_adjtime", + "adjtimex" ], "action": "SCMP_ACT_ALLOW", "args": [], @@ -751,36 +775,6 @@ ] }, "excludes": {} - }, - { - "names": [ - "get_mempolicy", - "mbind", - "set_mempolicy" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYS_NICE" - ] - }, - "excludes": {} - }, - { - "names": [ - "syslog" - ], - "action": "SCMP_ACT_ALLOW", - "args": [], - "comment": "", - "includes": { - "caps": [ - "CAP_SYSLOG" - ] - }, - "excludes": {} } ] } |