seccomp mess, continued, status update
Hal Murray
hmurray at megapathdsl.net
Mon Feb 24 06:34:22 UTC 2020
> Wouldn't it be simpler to ude a base image in the CI that isn't buggy?
Maybe. I don't know that area. If that is the only place we test seccomp,
then yes, we should switch to Fedora or Debian. If that is testing if we can
build on Alpine, then it has found a bug but the bug is in Alpine rather than
our code. We could maybe backup to an older version of Alpine, but I think it
would be better to test their latest/current version and document that seccomp
doesn't work there.
I'm working on a hack fix.
For the record, here is diff between Fedora and Alpine:
[murray at hgm ~]$ diff seccomp-syscalls.h-fedora seccomp-syscalls.h-alpine
275d274
< #define __PNR_ppoll -10241
1361,1366d1359
< #endif
<
< #ifdef __NR_ppoll
< #define __SNR_ppoll __NR_ppoll
< #else
< #define __SNR_ppoll __PNR_ppoll
[murray at hgm ~]$
--
These are my opinions. I hate spam.
More information about the devel
mailing list