seccomp: allow llseek(2) for TLS verification

libstrophe 0.9.2 uses OpenSSL to validate TLS certs by checking against
the system cert store.

Allow llseek(2). Probably a better way of handling syscalls is to allow
classes of syscalls based on OpenBSD's pledge.

src/xmppipe_sandbox_seccomp.c

@@ -147,6 +147,12 @@ xmppipe_sandbox_init(xmppipe_state_t *state)
 #ifdef __NR_getsockopt
         SC_ALLOW(getsockopt),
 #endif
+#ifdef __NR_lseek
+        SC_ALLOW(lseek),
+#endif
+#ifdef __NR__llseek
+        SC_ALLOW(_llseek),
+#endif
 
         /* uuid */
 #ifdef __NR_gettimeofday