don't include err.h, gmid.h (via config.h) does that

[seccomp] allow getrandom

we don't need unveil "x" in listener not a big deal, since the pledge prohibits us to exec, but nevertheless.

[seccomp] allow fcntl F_SETFD musl does a F_SETFD in its fdopendir

fix date

added missic copyright notice

drop seccomp.h: not needed


allow clock_gettime and a bit of fmt alpine on amd64 (under OpenBSD vmd) tries to do a clock_gettime. I don't know why, but it doesn't seem a problem to allow it.

fix BPF

tighten the rules for fcntl allow only the F_GETFL and F_SETFL commands

explain the poll mess

__NR_poll doesn't seem to be defined on aarch64

[seccomp] allow also poll on the latest fedora we glibc uses poll. On the other linux distro I tried (void), musl is probably providing poll as a ppoll wrapper.

we don't need to check for CGI anymore