Closed q53 closed 1 week ago
It looks like it's failing in installSeccompNotify
, which uses SECCOMP_IOCTL_NOTIF_*
in seccomp rules. I think this was introduced in https://github.com/google/gvisor/commit/32bbb188230a1c2926c36b681b612e12e1145701 and depends on a kernel feature that was introduced in Linux 5.0.
@avagin, should this either have fallback code for older kernels, or should Systrap explicitly drop support for old kernels? (Linux 5.0 is more than a half-decade old.)
@q53 The fix has been commited. Could you verify that it works in your environment?
@avagin Looks like it works.
Description
At least release-20240305.0 is not affected. Works without issues on Rocky Linux release 9.4 5.14.0-427.13.1.el9_4.x86_64.
Steps to reproduce
docker -D -l debug run -i --runtime runsc --rm --name=test docker.io/library/registry:latest
runsc version
docker version (if using docker)
uname
4.18.0-425.10.1.el8_7.x86_64 #1 SMP Thu Jan 12 10:05:00 EST 2023
kubectl (if using Kubernetes)
No response
repo state (if built from source)
No response
runsc debug logs (if available)
runsc-debug.log