Bug#984573: systemd: backport support for SYSTEMD_SECCOMP to Buster
bluca at debian.org
Fri Mar 5 10:49:49 GMT 2021
Since glibc 2.33 faccessat() is implemented via faccessat2(), which
is breaking running containers that use such version of glibc under
systemd-nspawn in Buster.
This is because faccessat2 is not in the "known" seccomp set of
). Also, without https://github.com/systemd/systemd/pull/16819/commits
seccomp would still return EPERM instead of ENOSYS for faccessat2(), thus breaking the internal fallback to the original faccessat() implementation.
It would be great thus if the following could be backported to Buster
in the next proposed-updates upload:
This would allow to run such new containers via nspawn on Buster.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: This is a digitally signed message part
More information about the Pkg-systemd-maintainers