From 940d9070e97858fdb6c0d84fc5617b8c10dab0ba Mon Sep 17 00:00:00 2001
From: Philipp Stephani <phst@google.com>
Date: Fri, 9 Dec 2022 19:32:14 +0100
Subject: [PATCH] Support newer glib versions (Bug#59061)

* lib-src/seccomp-filter.c (main): Allow pidfd_open system call
---
 lib-src/seccomp-filter.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib-src/seccomp-filter.c b/lib-src/seccomp-filter.c
index 7e54b878a22..69b56aed5c5 100644
--- a/lib-src/seccomp-filter.c
+++ b/lib-src/seccomp-filter.c
@@ -342,6 +342,8 @@ main (int argc, char **argv)
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (eventfd2));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (wait4));
   RULE (SCMP_ACT_ALLOW, SCMP_SYS (poll));
+  RULE (SCMP_ACT_ALLOW, SCMP_SYS (pidfd_open),
+	SCMP_A1_32 (SCMP_CMP_EQ, 0));
 
   /* Don't allow creating sockets (network access would be extremely
      dangerous), but also don't crash.  */
-- 
2.39.2