The epoll_ctl operation not permitted

[archine]

I've added SYS_EPOLL_CTL, but looking at the call log through strace will still appear.

• all calls

"openat",
"futex",
"fcntl",
"clone",
"rt_sigprocmask",
"rt_sigreturn",
"rt_sigaction",
"mmap",
"readlinkat",
"read",
"write",
"tgkill",
"epoll_create1",
"epoll_ctl",
"pipe2",
"fstat",
"pread64",
"close",
"prctl",
"getpid",
"gettid",
"set_tid_address",
"rseq",
"newfstatat",

• invoke

func Seccomp(allowedSysCalls []string) error {
	ctx, err := seccomp.NewFilter(seccomp.ActKillProcess)
	if err != nil {
		return err
	}
	for _, syscallID := range allowedSysCalls {
		call, err := seccomp.GetSyscallFromName(syscallID)
		if err != nil {
			return err
		}
		if err = ctx.AddRule(call, seccomp.ActAllow); err != nil {
			return err
		}
	}
	if err = ctx.Load(); err != nil {
		return err
	}
	return nil
}

• go version go1.20.14 linux/amd64
• libseccomp-golang: v0.10.0
• os: 5.15.0-78-generic

[archine]

the libseccomp version:

ii libseccomp-dev:amd64 2.5.3-2ubuntu2 amd64 high level interface to Linux seccomp filter (development files)
ii libseccomp2:amd64 2.5.3-2ubuntu2 amd64 high level interface to Linux seccomp filter