From be0593709c1492a15c9a26b5e5714e3217fde5d0 Mon Sep 17 00:00:00 2001
From: sthen <sthen@openbsd.org>
Date: Wed, 20 Jul 2011 18:11:06 +0000
Subject: [PATCH] Permit utimensat(2) and futimens(2), as discussed with
 matthew@. Fixes ruby 1.9 build with systrace now that we have these system
 calls. The other new *at system calls need to have path restrictions and will
 need further work so are still prevented for now (in those cases, the
 supplied paths are *relative to a certain FD*, so we can't simply examine
 supplied paths).

---
 infrastructure/db/systrace.filter | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/infrastructure/db/systrace.filter b/infrastructure/db/systrace.filter
index 4f0c5982236..316bc57d254 100644
--- a/infrastructure/db/systrace.filter
+++ b/infrastructure/db/systrace.filter
@@ -72,6 +72,7 @@
 	native-fsync: permit
 	native-ftruncate: permit
 	native-futimes: permit
+	native-futimens: permit
 	native-getdirentries: permit
 	native-getegid: permit
 	native-geteuid: permit
@@ -190,6 +191,7 @@
 	native-symlink: string eq "" and filename eq "" then deny[enoent]
 	native-sync: permit
 	native-umask: permit
+	native-utimensat: permit
 	native-utimes: permit
 	native-vfork: permit
 	native-wait4: permit