author | Philip Guenther <guenther@cvs.openbsd.org> | 2014-07-14 05:48:19 +0000 |
---|---|---|
committer | Philip Guenther <guenther@cvs.openbsd.org> | 2014-07-14 05:48:19 +0000 |
commit | 9fe0151a5b766dc320283a15e478c1211e508877 (patch) | |
tree | 29f47098e7f76a6bd562a19c717ff66502235319 /etc | |
parent | 45b78295a24fab009ae459795e302c877c64788b (diff) |
Update for arc4random and syslog changes
Diffstat (limited to 'etc')
-rw-r--r-- | etc/systrace/usr_sbin_lpd | 6 | ||||
-rw-r--r-- | etc/systrace/usr_sbin_named | 5 |
2 files changed, 8 insertions, 3 deletions
diff --git a/etc/systrace/usr_sbin_lpd b/etc/systrace/usr_sbin_lpd
index 95303029e16..bcc2ffc400e 100644
--- a/etc/systrace/usr_sbin_lpd
+++ b/etc/systrace/usr_sbin_lpd
@@ -1,4 +1,4 @@
-# $OpenBSD: usr_sbin_lpd,v 1.5 2004/05/13 04:50:04 sturm Exp $
+# $OpenBSD: usr_sbin_lpd,v 1.6 2014/07/14 05:48:18 guenther Exp $
 #
 # Policy for lpd.
 # This policy works for the default configuration of lpd.
@@ -51,6 +51,7 @@ Policy: /usr/sbin/lpd, Emulation: native
 native-ftruncate: permit
 native-getdirentries: permit
 native-getegid: permit
+ native-getentropy: permit
 native-geteuid: permit
 native-getpid: permit
 native-getsockname: permit
@@ -60,6 +61,7 @@ Policy: /usr/sbin/lpd, Emulation: native
 native-kill: permit
 native-listen: permit
 native-lseek: permit
+ native-minherit: permit
 native-mmap: permit
 native-mprotect: permit
 native-mquery: permit
@@ -69,6 +71,7 @@ Policy: /usr/sbin/lpd, Emulation: native
 native-read: permit
 native-recvfrom: permit
 native-select: permit
+ native-sendsyslog: permit
 native-sendto: permit
 native-setegid: gid eq "1" then permit
 native-seteuid: uid eq "0" then permit
@@ -84,4 +87,3 @@ Policy: /usr/sbin/lpd, Emulation: native
 native-umask: permit
 native-wait4: permit
 native-write: permit
-
diff --git a/etc/systrace/usr_sbin_named b/etc/systrace/usr_sbin_named
index 2a0c4038207..70257d120de 100644
--- a/etc/systrace/usr_sbin_named
+++ b/etc/systrace/usr_sbin_named
@@ -1,4 +1,4 @@
-# $OpenBSD: usr_sbin_named,v 1.6 2010/07/23 03:13:51 ray Exp $
+# $OpenBSD: usr_sbin_named,v 1.7 2014/07/14 05:48:18 guenther Exp $
 #
 # Policy for named that uses named user and chroots to /var/named
 # This policy works for the default configuration of named.
@@ -47,6 +47,7 @@ Policy: /usr/sbin/named, Emulation: native
 native-fswrite: filename eq "/var/run/named.pid" then permit
 native-fswrite: filename match "/var/tmp/*" then permit
 native-fsync: permit
+ native-getentropy: permit
 native-getpid: permit
 native-getppid: permit
 native-getrlimit: permit
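Review bot: The new `native-getentropy: permit` rule at @@ -51 in usr_sbin_lpd goes in without any comment saying why lpd needs it, and the same holds for `native-minherit: permit` at @@ -60 and for the matching additions in usr_sbin_named (@@ -47 and @@ -59). Going by the commit title, these calls presumably come from libc's arc4random rather than from the daemons' own code, so someone auditing the allowlist later cannot tell from the policy whether a rule is still required. I would add a header comment line to both files such as `# getentropy, minherit: issued by arc4random in libc; sendsyslog: issued by syslog(3)`. The Policy block starts and ends outside these hunks, so whether other libc-driven rules are already annotated is not visible here.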
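Review bot: `native-sendsyslog: permit` at @@ -69 in usr_sbin_lpd is added next to an unconditional `native-sendto: permit` and nothing is removed in exchange; the same pattern appears at @@ -71 in usr_sbin_named beside `native-sendto: true then permit`. If either policy still carries a rule that exists only so syslog can reach the log socket (any such connect rule sits outside the visible hunks, so this is an assumption), it is worth checking whether it can be dropped once no supported libc falls back to that path. Until then a short comment on the old rule, for example `# legacy syslog path, remove once sendsyslog is the only logging route`, would keep the allowlist from only ever growing.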
@@ -59,6 +60,7 @@ Policy: /usr/sbin/named, Emulation: native
 native-kill: permit
 native-listen: permit
 native-lseek: permit
+ native-minherit: permit
 native-mmap: permit
 native-mprotect: permit
 native-mquery: permit
@@ -71,6 +73,7 @@ Policy: /usr/sbin/named, Emulation: native
 native-rename: filename match "/slave/*" and filename[1] match "/slave/*" then permit
 native-select: permit
 native-sendmsg: permit
+ native-sendsyslog: permit
 native-sendto: true then permit
 native-setegid: gid eq "70" then permit
 native-seteuid: uid eq "70" and uname eq "named" then permit |