Package: chrony
Version: 3.4-3
Severity: important
Tags: patch upstream
Dear Maintainer,
chrony on armel does not start due to seccomp not allowing all required
system calls.
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: armel (armv5tel)
Kernel: Linux 4.19.0-2-marvell
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages chrony depends on:
ii adduser 3.118
ii init-system-helpers 1.56+nmu1
ii iproute2 4.20.0-2
ii libc6 2.28-8
ii libcap2 1:2.25-2
ii libedit2 3.1-20181209-1
ii libnettle6 3.4.1-1
ii libseccomp2 2.3.3-4
ii lsb-base 10.2018112800
ii ucf 3.0038+nmu1
chrony recommends no packages.
Versions of packages chrony suggests:
pn dnsutils <none>
pn networkd-dispatcher <none>
-- no debconf information
--- chrony-3.4.orig/sys_linux.c
+++ chrony-3.4/sys_linux.c
@@ -504,8 +504,8 @@ SYS_Linux_EnableSystemCallFilter(int lev
SCMP_SYS(stat64), SCMP_SYS(statfs), SCMP_SYS(statfs64), SCMP_SYS(unlink),
/* Socket */
SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname),
SCMP_SYS(getsockopt),
- SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg),
+ SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg),SCMP_SYS(recv),
- SCMP_SYS(sendmmsg), SCMP_SYS(sendmsg), SCMP_SYS(sendto),
+ SCMP_SYS(sendmmsg), SCMP_SYS(sendmsg), SCMP_SYS(sendto),SCMP_SYS(send),
/* TODO: check socketcall arguments */
SCMP_SYS(socketcall),
/* General I/O */
