|
|
@@ -1667,11 +1667,6 @@ func DefaultProfile(rs *specs.Spec) *types.Seccomp {
|
|
|
switch cap {
|
|
|
case "CAP_DAC_READ_SEARCH":
|
|
|
syscalls = append(syscalls, []*types.Syscall{
|
|
|
- {
|
|
|
- Name: "name_to_handle_at",
|
|
|
- Action: types.ActAllow,
|
|
|
- Args: []*types.Arg{},
|
|
|
- },
|
|
|
{
|
|
|
Name: "open_by_handle_at",
|
|
|
Action: types.ActAllow,
|
|
|
@@ -1706,6 +1701,11 @@ func DefaultProfile(rs *specs.Spec) *types.Seccomp {
|
|
|
Action: types.ActAllow,
|
|
|
Args: []*types.Arg{},
|
|
|
},
|
|
|
+ {
|
|
|
+ Name: "name_to_handle_at",
|
|
|
+ Action: types.ActAllow,
|
|
|
+ Args: []*types.Arg{},
|
|
|
+ },
|
|
|
{
|
|
|
Name: "perf_event_open",
|
|
|
Action: types.ActAllow,
|
Tibor Vass