Control: fixed -1 3.3.1+ds2-1 Control: tags -1 bullseye Thank you for your bugreport.
On Tue, Oct 5, 2021 at 10:51 AM Will Thompson <w...@endlessos.org> wrote: > Package: podman > Version: 3.0.1+dfsg1-3+b2 > Severity: important > > podman embeds a default seccomp policy, which based on my research is > identical to that used by docker. The policy embedded in the bullseye > version of podman is buggy when used to run a container whose glibc is > 2.33.9000 or newer, due to that version's use of the clone3 syscall. The > lengthy commit message at > > https://github.com/moby/moby/commit/9f6b562dd12ef7b1f9e2f8e6f2ab6477790a6594 > explains the issue in considerable detail. > I believe this should be fixed with the changes I'm prepareing in the context of #994451 Would you mind trying the packages at https://people.debian.org/~siretart/bug.994451/ and let me know if they fix this issue as well? I'm fairly confident that it does. Thank you. -- regards, Reinhard
