On Sun, May 21, 2023 at 10:41:30PM +0200, jvoisin wrote: > Hello, > > it seems that chrony's seccomp policy doesn't play nice with Alpine > Linux, likely due to the fact that there is a call to `membarrier` > somewhere that the latter does and that the former doesn't like. > > See https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/47087 > for details.
Thanks for the report. Does it work for you if you apply this patch? --- a/sys_linux.c +++ b/sys_linux.c @@ -498,6 +498,9 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) SCMP_SYS(getrlimit), SCMP_SYS(getuid), SCMP_SYS(getuid32), +#ifdef __NR_membarrier + SCMP_SYS(membarrier), +#endif #ifdef __NR_rseq SCMP_SYS(rseq), #endif If you have extracted source code, can you please run these two tests to confirm there are no other seccomp failures on musl? # cd test/system # ./099-scfilter # ./199-scfilter -- Miroslav Lichvar -- To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" in the subject. For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the subject. Trouble? Email listmas...@chrony.tuxfamily.org.