Quoting Vivek Singh ([email protected]): > To make seccomp.full file I coppied all syscall numbers from unistd.h . If > I remove seccomp.full file from lxc.conf it works fine . But with > seccomp.full in lxc config it fails
Are 253, 254, and 255 in your seccomp.full file? Does strace show you which syscall was attempted? It would be worthwhile to come up with a way to better debug seccomp errors. Maybe using SCMP_ACT_TRAP, but I'm not sure how we would have the lxc monitor catch that for all tasks in the container. Open to ideas. -serge _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
