From 3ab4961032315abb4fd4ed813034a114d1d55699 Mon Sep 17 00:00:00 2001
From: Antonio Murdaca <runcom@redhat.com>
Date: Mon, 20 Mar 2017 11:00:34 +0100
Subject: [PATCH] profiles: seccomp: allow clock_settime when CAP_SYS_TIME is
 added

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
---
 profiles/seccomp/default.json       | 3 ++-
 profiles/seccomp/seccomp_default.go | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/profiles/seccomp/default.json b/profiles/seccomp/default.json
index 5b742da0da..01ff1a4c56 100755
--- a/profiles/seccomp/default.json
+++ b/profiles/seccomp/default.json
@@ -900,7 +900,8 @@
 			"names": [
 				"settimeofday",
 				"stime",
-				"adjtimex"
+				"adjtimex",
+				"clock_settime"
 			],
 			"action": "SCMP_ACT_ALLOW",
 			"args": [],
diff --git a/profiles/seccomp/seccomp_default.go b/profiles/seccomp/seccomp_default.go
index b68834a12e..42bc3baa4b 100644
--- a/profiles/seccomp/seccomp_default.go
+++ b/profiles/seccomp/seccomp_default.go
@@ -735,6 +735,7 @@ func DefaultProfile() *types.Seccomp {
 				"settimeofday",
 				"stime",
 				"adjtimex",
+				"clock_settime",
 			},
 			Action: types.ActAllow,
 			Args:   []*types.Arg{},