1 mmap: 1 2 open: 1 3 read: 1 4 close: 1 5 fstat: 1 6 mprotect: 1 7 munmap: 1 8 stat: 1 9 write: 1 10 lseek: 1 11 brk: 1 12 fcntl: 1 13 execve: 1 14 sendto: 1 15 # Allow domain == PF_FILE || domain == PF_INET || domain == PF_NETLINK 16 socket: arg0 == 1 || arg0 == 2 || arg0 == 16 17 connect: 1 18 poll: 1 19 access: 1 20 arch_prctl: 1 21 wait4: 1 22 rt_sigaction: 1 23 exit_group: 1 24 rt_sigprocmask: 1 25 clone: 1 26 # Allow request == RTC_SET_TIME || request == FIONREAD 27 ioctl: arg1 == 0x4024700a || arg1 == 0x541b 28 getuid: 1 29 exit: 1 30 rt_sigreturn: 1 31 rename: 1 32 select: 1 33 setgid: 1 34 settimeofday: 1 35 restart_syscall: 1 36 setresgid: 1 37 setgroups: 1 38 setsockopt: 1 39 bind: 1 40 recvfrom: 1 41 setresuid: 1 42 nanosleep: 1 43 clock_gettime: 1 44 clock_settime: 1 45 futex: 1 46 getrlimit: 1 47 set_robust_list: 1 48 set_tid_address: 1 49
