On Sat, 13 Jul 2019 14:33:00 +0200 Christoph Biedl <debian.a...@manchmal.in-ulm.de> wrote: > Control: tags 931985 pending > > So here's the story: The dh_shlibdepends program runs under fakeroot, > and libfakeroot will be loaded be the file binary as well. Nothing new. > > Enter seccomp: The version of file in experimental is the first one to > have seccomp support enabled. The syscalls used by libffakeroot are not > whitelisted, so msgsend or getpid case program abort. You should have > seen according messages in the kernel log as well. > > A sane solution will take time. For the moment the only sane choice will > do to re-disable seccomp support. > > Christoph
Is it possible to patch the code to skip the seccomp support only under fakeroot? While we are slowly reducing the number of packages relying on fakeroot, it will probably take a decade or more to be completely free from it. But I think it would be unfortunate not to have the seccomp filtering until then. Thanks, ~Niels