On Fri, 24 May 2024 at 23:54, Tianon Gravi <tia...@debian.org> wrote:
> Hi!  When using Docker in bookworm (current stable) and trying to run
> containers based on newer distributions (like the recently released
> Alpine 3.20), they will sometimes attempt to invoke newer syscalls like
> fchmodat2.  Due to the way syscalls that libseccomp does not know about
> interact with Docker's seccomp profiles, these sometimes get EPERM
> instead of ENOSYS like they should, which breaks their fallback.
> Is there any chance of getting these newer syscalls into some version in
> bookworm? (backports is very acceptable, but it *seems* like this might
> be appropriate for a stable update too?  I very much defer to your
> wisdom/experience! <3)

To add more useful affirmative data -- I reproduced one of my
confirmed failing builds against stable's 2.5.4, upgraded just
libseccomp2 to unstable's 2.5.5, and the build was then successful. :D

- Tianon
  4096R / B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4

Reply via email to