From 881e427f3236046466bdb8235edf86e6dfa34391 Mon Sep 17 00:00:00 2001
From: Michael Bishop <cleverca22@gmail.com>
Date: Mon, 11 Jun 2018 08:30:48 -0300
Subject: [PATCH] fix the seccomp filter to include a few previously missed
 syscalls

---
 ntpd/ntpd.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ntpd/ntpd.c b/ntpd/ntpd.c
index 2c7f02ec5..4c59dc2ba 100644
--- a/ntpd/ntpd.c
+++ b/ntpd/ntpd.c
@@ -1140,10 +1140,12 @@ int scmp_sc[] = {
 	SCMP_SYS(close),
 	SCMP_SYS(connect),
 	SCMP_SYS(exit_group),
+	SCMP_SYS(fcntl),
 	SCMP_SYS(fstat),
 	SCMP_SYS(fsync),
 	SCMP_SYS(futex),
 	SCMP_SYS(getitimer),
+	SCMP_SYS(getpid),
 	SCMP_SYS(getsockname),
 	SCMP_SYS(ioctl),
 	SCMP_SYS(lseek),
@@ -1162,6 +1164,8 @@ int scmp_sc[] = {
 	SCMP_SYS(sendto),
 	SCMP_SYS(setitimer),
 	SCMP_SYS(setsid),
+	SCMP_SYS(setsockopt),
+	SCMP_SYS(openat),
 	SCMP_SYS(socket),
 	SCMP_SYS(stat),
 	SCMP_SYS(time),
@@ -1178,9 +1182,11 @@ int scmp_sc[] = {
 	SCMP_SYS(clock_settime),
 	SCMP_SYS(close),
 	SCMP_SYS(exit_group),
+	SCMP_SYS(fcntl),
 	SCMP_SYS(fsync),
 	SCMP_SYS(futex),
 	SCMP_SYS(getitimer),
+	SCMP_SYS(getpid),
 	SCMP_SYS(madvise),
 	SCMP_SYS(mmap),
 	SCMP_SYS(mmap2),
@@ -1194,6 +1200,8 @@ int scmp_sc[] = {
 	SCMP_SYS(select),
 	SCMP_SYS(setitimer),
 	SCMP_SYS(setsid),
+	SCMP_SYS(setsockopt),
+	SCMP_SYS(openat),
 	SCMP_SYS(sigprocmask),
 	SCMP_SYS(sigreturn),
 	SCMP_SYS(socketcall),