*SSL libraries or the C library may/will require it. --- sandbox-seccomp-filter.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c index b6f6258..846bc08 100644 --- a/sandbox-seccomp-filter.c +++ b/sandbox-seccomp-filter.c @@ -129,6 +129,9 @@ static const struct sock_filter preauth_insns[] = { #else SC_ALLOW(sigprocmask), #endif +#ifdef __NR_getrandom + SC_ALLOW(getrandom), +#endif BPF_STMT(BPF_RET+BPF_K, SECCOMP_FILTER_FAIL), }; -- 2.2.2 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev