From 6434cb2cfbbf0a46375d2d22f2ff9927feb5e478 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 6 Feb 2014 11:17:50 +1100
Subject:  - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures
 define     __NR_shutdown; some go via the socketcall(2) multiplexer.

---
 sandbox-seccomp-filter.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'sandbox-seccomp-filter.c')

diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index dbda60ba..c0c17c2f 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -98,7 +98,9 @@ static const struct sock_filter preauth_insns[] = {
 	SC_ALLOW(read),
 	SC_ALLOW(write),
 	SC_ALLOW(close),
+#ifdef __NR_shutdown /* not defined on archs that go via socketcall(2) */
 	SC_ALLOW(shutdown),
+#endif
 	SC_ALLOW(brk),
 	SC_ALLOW(poll),
 #ifdef __NR__newselect
-- 
cgit v1.2.1