procd-seccomp switched to OCI-compliant seccomp parser instead of our
(legacy, OpenWrt-specific) format. Convert ruleset to new format.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
include $(TOPDIR)/rules.mk
PKG_NAME:=umdns
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_SOURCE_URL=$(PROJECT_GIT)/project/mdnsd.git
PKG_SOURCE_PROTO:=git
{
- "whitelist": [
- "read",
- "write",
- "open",
- "close",
- "time",
- "brk",
- "ioctl",
- "uname",
- "bind",
- "connect",
- "getsockname",
- "recvmsg",
- "sendmsg",
- "sendto",
- "setsockopt",
- "socket",
- "poll",
- "fcntl64",
- "epoll_create",
- "epoll_ctl",
- "epoll_wait",
- "rt_sigaction",
- "sigreturn",
- "rt_sigreturn",
- "exit_group",
- "exit",
- "clock_gettime"
- ],
- "policy": 1
+ "defaultAction": "SCMP_ACT_KILL_PROCESS",
+ "syscalls": [
+ {
+ "names": [
+ "read",
+ "write",
+ "open",
+ "close",
+ "time",
+ "brk",
+ "ioctl",
+ "uname",
+ "bind",
+ "connect",
+ "getsockname",
+ "recvmsg",
+ "recvfrom",
+ "sendmsg",
+ "sendto",
+ "setsockopt",
+ "socket",
+ "pipe",
+ "poll",
+ "fcntl64",
+ "epoll_create",
+ "epoll_create1",
+ "epoll_ctl",
+ "epoll_wait",
+ "epoll_pwait",
+ "rt_sigaction",
+ "sigreturn",
+ "rt_sigreturn",
+ "rt_sigprocmask",
+ "exit_group",
+ "exit",
+ "fcntl",
+ "clock_gettime"
+ ],
+ "action": "SCMP_ACT_ALLOW"
+ }
+ ]
}
projects / openwrt / staging / zorun.git / commitdiff