diff options
| author | Lennart Poettering <lennart@poettering.net> | 2021-07-27 17:11:09 +0200 |
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2021-08-06 16:42:23 +0200 |
| commit | ddec4e0fc1744461d535091298d5da5b369ace0c (patch) | |
| tree | 0c61363515d7736d1a743117bb6a922b9ac1b60e /man/systemd.link.xml | |
| parent | eae9c99952f2a422b7fc1112406f25e8cd9fdb5e (diff) | |
| download | systemd-ddec4e0fc1744461d535091298d5da5b369ace0c.tar.gz | |
seccomp: move sched_getaffinity() from @system-service to @default
See: https://github.com/systemd/systemd/pull/20191#issuecomment-881982739
In general, we shouldn't blanket move syscalls like this into @default,
given that glibc actually does have fallbacks, afaics. However, as
long as the syscalls are "read-only" and thus benign, I figure it's a
safe thing to do. But we should probably stick to a "if in doubt, don't"
rule, and put these syscalls in @system-service as default, but not into
@default.
I think in the real world @system-service is the sensible group people
should use, and not @default actually.
(cherry picked from commit 7df660e45682af5c40a236abe1bdc5ddcf3b3533)
(cherry picked from commit 898949f71513da918c4aa94a0681fbc6b868e00f)
Diffstat (limited to 'man/systemd.link.xml')
0 files changed, 0 insertions, 0 deletions