Mailinglist Archive: opensuse-factory (1324 mails)

< Previous Next >
Re: [opensuse-factory] 32bit apps on OS 13.2 64bit responses with Bad system call
Am Sat, 3 Oct 2015 18:55:47 +0300
schrieb Andrei Borzenkov <arvidjaar@xxxxxxxxx>:

raven:~ # cat /proc/self/status | grep -i seccomp
Seccomp: 2
raven:~ #


Yes, you have seccomp enabled in mode 2. Unfortunately, I do not know
if it is possible to fetch actual seccomp filter in use.

Please read man systemd-system.conf. Check every file and directory
mentioned in this page - does it have SystemCallAcritectures set and
to which value. If there is none - something enables seccomp and you
will find out what. Start with booting with init=/bin/sh. What value
Seccomp has now? Boot into run level 1 - what value Seccomp has now?

Under /etc/systemd/ I found two files containing SystemCallArchitectures

/etc/systemd/system.conf:
SystemCallArchitectures=x86-64
other entries commented out

/etc/systemd/user.conf:
all entries commented out

I found:
SystemCallArchitectures= Takes a space-separated list of architecture
identifiers. Selects from which architectures system calls may be
invoked on this system.

So I guess "x86-64" is not correct in case 32bit code should be
executable, too. It should be "x86 x86-64". Right?

init=/bin/sh Seccomp: 2
init 1 to 5 Seccomp: 2

I think, I got the intention of SECure COMputing.
(I'm not a programmer, only a user)
But I can't see what is able to set the Seccomp mode, except it depends
on the SystemCallArchitectures option. And if so, what has changed the
option and why?
On the other hand, is it secure to change the SystemCallArchitectures
option simply to "x86 x86-64"?


--
Mit freundlichen Grüßen
Kind Regards

Peter Ragosch

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups