seccomp: augment the @resources group a bit

poettering · poettering · commit 0963c053fa59 · 2017-09-14T15:45:21.000+02:00
Given that sched_setattr/sched_setparam/sched_setscheduler are already
in the group the closely related nice + ioprio_set should also be
included.

Also, order things alphabetically.
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c
@@ -658,17 +658,19 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = {
                 .name = "@resources",
                 .help = "Alter resource settings",
                 .value =
+                "ioprio_set\0"
+                "mbind\0"
+                "migrate_pages\0"
+                "move_pages\0"
+                "nice\0"
+                "prlimit64\0"
+                "sched_setaffinity\0"
+                "sched_setattr\0"
                 "sched_setparam\0"
                 "sched_setscheduler\0"
-                "sched_setaffinity\0"
+                "set_mempolicy\0"
                 "setpriority\0"
                 "setrlimit\0"
-                "set_mempolicy\0"
-                "migrate_pages\0"
-                "move_pages\0"
-                "mbind\0"
-                "sched_setattr\0"
-                "prlimit64\0"
         },
         [SYSCALL_FILTER_SET_SETUID] = {
                 .name = "@setuid",
