File openssh-7.6p1-seccomp_geteuid.patch of Package openssh.18131

# HG changeset patch
# Parent  85f3cd6c8291c7feb0c1e7a0a3645c130532d206
Add the 'geteuid' syscall to allowed list, since it may becalled on the
mainframes when OpenSSL is using hardware crypto accelerator via libica
(via ibmica)

bsc#1004258

Index: openssh-7.6p1/sandbox-seccomp-filter.c
===================================================================
--- openssh-7.6p1.orig/sandbox-seccomp-filter.c	2019-03-12 14:38:28.832894162 +0100
+++ openssh-7.6p1/sandbox-seccomp-filter.c	2019-03-12 14:38:29.080895556 +0100
@@ -166,6 +166,12 @@ static const struct sock_filter preauth_
 #ifdef __NR_exit_group
 	SC_ALLOW(__NR_exit_group),
 #endif
+#ifdef __NR_geteuid
+	SC_ALLOW(__NR_geteuid),
+#endif
+#ifdef __NR_geteuid32
+	SC_ALLOW(__NR_geteuid32),
+#endif
 #ifdef __NR_getpgid
 	SC_ALLOW(__NR_getpgid),
 #endif