faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sys_linux: allow setting IP_FREEBIND option in seccomp filter

Browse source 
This is needed when chronyd is started with no allow directive, but the
NTP server socket is opened by the allow command later.
This commit is contained in:
Miroslav Lichvar 2015-09-09 16:36:48 +02:00
parent 5a40950ffd
commit 1619453b2b
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
sys_linux.c
View file

@ -478,7 +478,7 @@ SYS_Linux_EnableSystemCallFilter(int level)
}; };
const static int socket_options[][2] = { const static int socket_options[][2] = {
{ SOL_IP, IP_PKTINFO }, { SOL_IP, IP_PKTINFO }, { SOL_IP, IP_FREEBIND },
#ifdef FEAT_IPV6 #ifdef FEAT_IPV6
{ SOL_IPV6, IPV6_V6ONLY }, { SOL_IPV6, IPV6_RECVPKTINFO }, { SOL_IPV6, IPV6_V6ONLY }, { SOL_IPV6, IPV6_RECVPKTINFO },
#endif #endif