Commit Briefs
accept4 -> accept
accept4(2) isn't part of any standard (even though it'll be part in the future) and raises warnings on some linux distro. Moreover, we don't have thread that may fork at any time, so doing a mark_nonblock after isn't a big deal.
use fatal instead of err/fprintf+exit
fatal logs to the correct place, err only on stderr.
[seccomp] allow newfstatat and gettimeofday
these are required to run on arch linux (at least)
allow epoll_wait
fedora 33 issue an epoll_wait instead of pwait.
fix seccomp for the new event loop
add/remove syscalls from the BPF filter and move sandbox() after libevent initialisation
we don't need unveil "x" in listener
not a big deal, since the pledge prohibits us to exec, but nevertheless.
[seccomp] allow fcntl F_SETFD
musl does a F_SETFD in its fdopendir