Bug#981007: systemd: default syscall-filter list is incomplete for i386 and breaks tar
Raphaƫl Hertzog
raphael at freexian.com
Mon Jan 25 14:49:38 GMT 2021
Package: systemd
Version: 241-7~deb10u5
Severity: important
Tags: patch upstream
User: devel at kali.org
Usertags: origin-kali
Control: fixed -1 systemd/244.1-1
We are running dist-upgrade tests within systemd-nspawn containers
and since we upgraded to buster, our i386 tests, running on an amd64
host machine, are failing with messages like this one:
---
Fetched 7044 MB in 1617d 11h 20min 34s (50 B/s)
tar: ./control: Cannot utime: Operation not permitted
tar: ./md5sums: Cannot utime: Operation not permitted
tar: ./shlibs: Cannot utime: Operation not permitted
tar: ./symbols: Cannot utime: Operation not permitted
tar: ./triggers: Cannot utime: Operation not permitted
tar: .: Cannot utime: Operation not permitted
tar: Exiting with failure status due to previous errors
dpkg-deb: error: tar subprocess returned error exit status 2
---
Thanks to https://bugzilla.redhat.com/show_bug.cgi?id=1770154 I understood
that this is actually related to the lack of some system calls
in the default whitelist maintained by systemd.
This has been fixed with this upstream pull request:
https://github.com/systemd/systemd/pull/13975
So this issue is only affecting the stable version 241-7~deb10u5.
The version in buster-backports is fine, as is the version in
testing/unstable.
But it would still be nice if this could be fixed via a point release.
Thanks for maintaining systemd!
More information about the Pkg-systemd-maintainers
mailing list