1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
From: Michael Biebl <biebl@debian.org>
Date: Tue, 19 Nov 2019 09:10:23 +0100
Subject: udev: drop SystemCallArchitectures=native from systemd-udevd.service
We can't really control what helper programs are run from other udev
rules. E.g. running i386 binaries under amd64 is a valid use case and
should not trigger a SIGSYS failure.
Closes: #869719
---
units/systemd-udevd.service.in | 1 -
1 file changed, 1 deletion(-)
diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in
index e9dbe85..22ca8b9 100644
--- a/units/systemd-udevd.service.in
+++ b/units/systemd-udevd.service.in
@@ -37,7 +37,6 @@ RestrictSUIDSGID=yes
SystemCallFilter=@system-service @module @raw-io bpf
SystemCallFilter=~@clock
SystemCallErrorNumber=EPERM
-SystemCallArchitectures=native
LockPersonality=yes
IPAddressDeny=any
{{SERVICE_WATCHDOG}}
|
