From 7625a555797f587a89dc2447fd9d621024d5165c Mon Sep 17 00:00:00 2001
From: Roy Marples <roy@marples.name>
Date: Fri, 26 Aug 2022 09:24:50 +0100
Subject: [PATCH 2/2] privsep: Allow newfstatat syscall as well

Allows newer glibc variants to work apparently.
As reported in #84 and #89.

Upstream-Status: Backport [7625a555797f587a89dc2447fd9d621024d5165c]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 src/privsep-linux.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/privsep-linux.c b/src/privsep-linux.c
index 479a1d82..6327b1bc 100644
--- a/src/privsep-linux.c
+++ b/src/privsep-linux.c
@@ -328,6 +328,9 @@ static struct sock_filter ps_seccomp_filter[] = {
 #ifdef __NR_nanosleep
 	SECCOMP_ALLOW(__NR_nanosleep),	/* XXX should use ppoll instead */
 #endif
+#ifdef __NR_newfstatat
+	SECCOMP_ALLOW(__NR_newfstatat),
+#endif
 #ifdef __NR_ppoll
 	SECCOMP_ALLOW(__NR_ppoll),
 #endif
-- 
2.17.1