| Re: [chrony-dev] [GIT] chrony/chrony.git branch master updated. 3.1-17-g653d70e |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-dev Archives
]
- To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [chrony-dev] [GIT] chrony/chrony.git branch master updated. 3.1-17-g653d70e
- From: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
- Date: Wed, 26 Apr 2017 15:43:58 +0200
- Authentication-results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
- Authentication-results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=mlichvar@xxxxxxxxxx
- Dkim-filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 26EC285541
- Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 26EC285541
On Wed, Apr 26, 2017 at 03:29:03PM +0200, Vincent Blut wrote:
> > sys_linux: allow sysinfo in seccomp filter
> >
> > It may be used by glob() in latest glibc.
>
> Do you have an idea about which commit in glibc justifies this patch?
No, sorry. I saw it on Fedora 26, which has glibc-2.24.
If you add the dumpdir and dumponexit options to chrony.conf and run
chronyd with -F 1 at least two times to have some files in dumpdir,
you should see a crash if glibc is using that syscall. The cleanup of
old dump files on start is the only thing in chronyd using glob()
after seccomp filter was loaded.
--
Miroslav Lichvar
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.