commit 768bce799bfe009e7dbaad5742738f7d05280d6d
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date:   Mon Mar 13 14:26:12 2017 +0100

    sys_linux: allow getpid in seccomp filter
    
    It seems to be used by syslog() in latest glibc.

diff --git a/sys_linux.c b/sys_linux.c
index 3dd411f..c06112a 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -467,9 +467,10 @@ SYS_Linux_EnableSystemCallFilter(int level)
     SCMP_SYS(adjtimex), SCMP_SYS(clock_gettime), SCMP_SYS(gettimeofday),
     SCMP_SYS(settimeofday), SCMP_SYS(time),
     /* Process */
-    SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getrlimit),
-    SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn), SCMP_SYS(rt_sigprocmask),
-    SCMP_SYS(set_tid_address), SCMP_SYS(sigreturn), SCMP_SYS(wait4),
+    SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getpid),
+    SCMP_SYS(getrlimit), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn),
+    SCMP_SYS(rt_sigprocmask), SCMP_SYS(set_tid_address), SCMP_SYS(sigreturn),
+    SCMP_SYS(wait4),
     /* Memory */
     SCMP_SYS(brk), SCMP_SYS(madvise), SCMP_SYS(mmap), SCMP_SYS(mmap2),
     SCMP_SYS(mprotect), SCMP_SYS(mremap), SCMP_SYS(munmap), SCMP_SYS(shmdt),
commit 653d70ec4e567b33b917f6784a68dfb254aa8984
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date:   Wed Apr 19 14:38:51 2017 +0200

    sys_linux: allow sysinfo in seccomp filter
    
    It may be used by glob() in latest glibc.

diff --git a/sys_linux.c b/sys_linux.c
index 649afb0..2cd178a 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -490,7 +490,7 @@ SYS_Linux_EnableSystemCallFilter(int level)
     SCMP_SYS(poll), SCMP_SYS(read), SCMP_SYS(futex), SCMP_SYS(select),
     SCMP_SYS(set_robust_list), SCMP_SYS(write),
     /* Miscellaneous */
-    SCMP_SYS(uname),
+    SCMP_SYS(sysinfo), SCMP_SYS(uname),
   };
 
   const int socket_domains[] = {