seccomp tangle - Alpine Linux

[Hal Murray]

I don't know what changed to trigger this.

I assume you can't easily test on Alpine, so I poked around a bit.

It's working after the edit below.  I don't know if this will break on some 
other system.  Probably not.  These look like vanilla system calls.  Some 
syscalls don't exist on some systems so you will see an #ifdef so skip them.

This is mostly a heads up that just adding things from reports may break some 
other systems.

 /* Arch Linux */
+       SCMP_SYS(getgid),
+       SCMP_SYS(getuid),
        SCMP_SYS(getpid),
        SCMP_SYS(gettid),
+       SCMP_SYS(getegid),
        SCMP_SYS(geteuid),

It's happening during initializatioin, right after:
 3 Sep 21:41:39 ntpd[4714]: NTSc: Using system default root certificates.   
 3 Sep 21:41:39 ntpd[4714]: ERR: SIGSYS: got a trap.                    
 3 Sep 21:41:39 ntpd[4714]: ERR: SIGSYS/seccomp bad syscall 102/0xc000003e     

 3 Sep 21:41:39 ntpd[4714]: ERR: Stack trace:                                  

 3 Sep 21:41:39 ntpd[4714]: ERR: #1 0x791780a11304 in ?? 

gdb doesn't give me a stack trace, so I don't know where the calls are coming 
from.

The normal next line is:
 3 Sep 21:56:03 ntpd[6180]: NTSs: loaded certificate (chain) from 
/etc/ntp/alp....
So it's probably in libssl.

But gdb does print out the syscall name, so knowing which syscall to add is 
simple.


-- 
These are my opinions.  I hate spam.