working profile

Stenstromen · Stenstromen · commit e6984705bcc2 · 2026-01-06T19:18:54.000+01:00
diff --git a/strace/profiles/seccomp-profile.json b/strace/profiles/seccomp-profile.json
@@ -3,96 +3,70 @@
   "architectures": ["SCMP_ARCH_X86_64", "SCMP_ARCH_X86", "SCMP_ARCH_X32"],
   "syscalls": [
     {
-      "action": "SCMP_ACT_ALLOW",
       "names": [
-        "accept",
         "accept4",
         "arch_prctl",
         "bind",
-        "brk",
-        "chdir",
         "clock_gettime",
         "clone",
         "close",
-        "dup2",
-        "dup3",
+        "connect",
+        "epoll_create1",
+        "epoll_ctl",
+        "epoll_pwait",
+        "eventfd2",
         "execve",
         "exit_group",
-        "fchown",
         "fcntl",
         "fstat",
         "fstatfs",
-        "fork",
         "futex",
+        "getdents",
         "getdents64",
+        "getpeername",
         "getpid",
-        "getppid",
-        "getuid",
-        "getgid",
-        "geteuid",
-        "getegid",
-        "getcwd",
         "getrandom",
-        "gettimeofday",
+        "getsockname",
+        "getsockopt",
         "gettid",
-        "ioctl",
         "listen",
-        "lstat",
+        "madvise",
         "mmap",
         "mprotect",
         "munmap",
-        "madvise",
         "nanosleep",
         "openat",
         "openat2",
-        "pselect6",
         "prctl",
+        "pread64",
         "prlimit64",
         "read",
-        "readlinkat",
-        "readlink",
-        "access",
+        "readdirent",
         "rt_sigaction",
         "rt_sigprocmask",
         "rt_sigreturn",
         "sched_getaffinity",
         "sched_yield",
-        "select",
-        "epoll_create",
-        "epoll_create1",
-        "epoll_ctl",
-        "epoll_wait",
-        "epoll_pwait",
-        "pipe",
-        "pipe2",
-        "capget",
-        "capset",
-        "setgid",
-        "setgroups",
         "setsockopt",
-        "set_tid_address",
-        "setuid",
         "sigaltstack",
         "socket",
-        "recvfrom",
-        "sendto",
-        "sendmsg",
-        "recvmsg",
-        "connect",
-        "shutdown",
-        "getsockopt",
-        "getpeername",
-        "getsockname",
-        "stat",
         "statx",
-        "newfstatat",
         "tgkill",
-        "time",
         "uname",
-        "wait4",
         "write",
-        "writev"
-      ]
+        "set_tid_address",
+        "poll",
+        "brk",
+        "ioctl",
+        "open",
+        "recvfrom",
+        "sendto",
+        "sendmsg",
+        "sendmmsg",
+        "recvmsg",
+        "recvmmsg"
+      ],
+      "action": "SCMP_ACT_ALLOW"
     }
   ]
-}
+}
