-
Notifications
You must be signed in to change notification settings - Fork 83
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
seccomp: do not fail on error from seccomp_arch_add() #219
Conversation
@AkihiroSuda How can I get an RPM to install with this new change? Is there a script? |
I see this: https://github.com/containers/podman/blob/master/contrib/build_rpm.sh I will try |
I don't know how to build RPM, but you can install slirp4netns from the source: https://github.com/rootless-containers/slirp4netns#install-from-source |
This one seems for Podman, not for slirp4netns |
@AkihiroSuda I thought it bundled both but probably not you're right. |
Works, full log:
If I run:
This confirms that this PR fixes the issue. |
Thanks, could you also try https://github.com/rootless-containers/slirp4netns#usage but with I want to know the output of the newly added |
And network access works in the namespace |
Thank, but the |
Sorry please try this diff --git a/seccompfilter.c b/seccompfilter.c
index 3de6b95..edd3cfb 100644
--- a/seccompfilter.c
+++ b/seccompfilter.c
@@ -20,7 +20,7 @@ int enable_seccomp()
if (rc < 0 && rc != -EEXIST) {
fprintf(stderr,
"seccomp: WARNING: can't add extra arch (i=%d): %s\n", i,
- strerror(errno));
+ strerror(-rc));
}
}
printf("seccomp: The following syscalls will be blocked by seccomp:"); |
|
Thanks, never heard of this errno 👀 > |
@AkihiroSuda Me neither. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
just a typo, otherwise LGTM
Especially ignore EDOM on ppc64le Fix containers/podman#6922 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Fix containers/podman#6922