mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 07:33:27 -06:00
8f1dda6404
This allows application to detect whether the kernel supports syscall or not. Previously, an error was unconditionally EPERM. There are many issues about glibc failed with new syscalls in containerized environments if their host run on old kernel. More about motivation for ENOSYS over EPERM: https://github.com/opencontainers/runc/issues/2151 https://github.com/opencontainers/runc/pull/2750 See about defaultErrnoRet introduction: https://github.com/opencontainers/runtime-spec/pull/1087 Previously, FreeIPA profile was vendored from https://github.com/containers/podman/blob/main/vendor/github.com/containers/common/pkg/seccomp/seccomp.json Now it is merged directly from https://github.com/containers/common/blob/main/pkg/seccomp/seccomp.json Fixes: https://pagure.io/freeipa/issue/9008 Signed-off-by: Stanislav Levin <slev@altlinux.org> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> |
||
|---|---|---|
| .. | ||
| azure_definitions | ||
| Dockerfiles | ||
| scripts | ||
| templates | ||
| azure-pipelines-rawhide.yml | ||
| azure-pipelines.yml | ||