diff options
Diffstat (limited to 'lib-src/seccomp-filter.c')
| -rw-r--r-- | lib-src/seccomp-filter.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib-src/seccomp-filter.c b/lib-src/seccomp-filter.c index d368cbb46c8..9f0de7d64f8 100644 --- a/lib-src/seccomp-filter.c +++ b/lib-src/seccomp-filter.c @@ -59,7 +59,8 @@ variants of those files that can be used to sandbox Emacs before #include <seccomp.h> #include <unistd.h> -#include "verify.h" +#include <attribute.h> +#include <verify.h> #ifndef ARCH_CET_STATUS #define ARCH_CET_STATUS 0x3001 @@ -240,7 +241,9 @@ main (int argc, char **argv) should be further restricted using mount namespaces. */ RULE (SCMP_ACT_ALLOW, SCMP_SYS (access)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (faccessat)); +#ifdef __NR_faccessat2 RULE (SCMP_ACT_ALLOW, SCMP_SYS (faccessat2)); +#endif RULE (SCMP_ACT_ALLOW, SCMP_SYS (stat)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (stat64)); RULE (SCMP_ACT_ALLOW, SCMP_SYS (lstat)); |