It looks like the seccomp auto-detection system doesn't work anymore in 5.3.1
Running proot ... generates a segfault, while PROOT_NO_SECCOMP=1 proot ... works.
Expected Behavior
Working proot.
Actual Behavior
Segfault.
Steps to Reproduce the Problem
Compile and install proot 5.3.1
Run proot echo "foo"
Note the lack of output (and explicit segfault in verbose mode)
Specifications
Proot/Care version: 5.3.1
Kernel version: 3.10.0-1160.76.1.el7.x86_64)
Host distribution: CentOS 7.9
Guest distribution: CentOS 7.9
Command Output
With version 5.3.1:
$ proot -V
_____ _____ ___
| __ \ __ \_____ _____| |_
| __/ / _ \/ _ \ _|
|__| |__|__\_____/\_____/\____| v5.3.1-99a84175
built-in accelerators: process_vm = yes, seccomp_filter = yes
Visit https://proot-me.github.io for help, bug reports, suggestions, patches, ...
Copyright (C) 2022 PRoot Developers, licensed under GPL v2 or later.
$ proot -v 1 echo "foo"
proot info: binding = /
proot info: exe = /usr/bin/echo
proot info: argv = echo foo
proot info: initial cwd = /home/users/kilian
proot info: verbose level = 1
proot info: pid 27882: access to "/dev/pts/0" (fd 0) won't be translated until closed
proot info: pid 27882: access to "/dev/pts/0" (fd 1) won't be translated until closed
proot info: pid 27882: access to "/dev/pts/0" (fd 2) won't be translated until closed
proot info: pid 27882: access to "/proc/27882/fd" (fd 3) won't be translated until closed
proot info: ptrace acceleration (seccomp mode 2) enabled
proot info: vpid 1: terminated with signal 11
$ PROOT_NO_SECCOMP=1 proot -v 1 echo "foo"
proot info: binding = /
proot info: exe = /usr/bin/echo
proot info: argv = echo foo
proot info: initial cwd = /home/users/kilian
proot info: verbose level = 1
proot info: pid 28577: access to "/dev/pts/0" (fd 0) won't be translated until closed
proot info: pid 28577: access to "/dev/pts/0" (fd 1) won't be translated until closed
proot info: pid 28577: access to "/dev/pts/0" (fd 2) won't be translated until closed
proot info: pid 28577: access to "/proc/28577/fd" (fd 3) won't be translated until closed
foo
proot info: vpid 1: exited with status 0
The same thing works with proot 5.2.0:
$ proot -V
_____ _____ ___
| __ \ __ \_____ _____| |_
| __/ / _ \/ _ \ _|
|__| |__|__\_____/\_____/\____| v5.2.0
built-in accelerators: process_vm = yes, seccomp_filter = yes
Visit https://proot-me.github.io for help, bug reports, suggestions, patches, ...
Copyright (C) 2021 PRoot Developers, licensed under GPL v2 or later.
$ proot -v 1 echo "foo"
proot info: binding = /
proot info: exe = /usr/bin/echo
proot info: argv = echo foo
proot info: initial cwd = /home/users/kilian
proot info: verbose level = 1
proot info: pid 28661: access to "/dev/pts/0" (fd 0) won't be translated until closed
proot info: pid 28661: access to "/dev/pts/0" (fd 1) won't be translated until closed
proot info: pid 28661: access to "/dev/pts/0" (fd 2) won't be translated until closed
proot info: pid 28661: access to "/proc/28661/fd" (fd 3) won't be translated until closed
proot info: ptrace acceleration (seccomp mode 2) enabled
foo
proot info: vpid 1: exited with status 0
It looks like some sort of regression between 5.2.0 and 5.3.1?
Summary
It looks like the seccomp auto-detection system doesn't work anymore in 5.3.1 Running
proot ...
generates a segfault, whilePROOT_NO_SECCOMP=1 proot ...
works.Expected Behavior
Working proot.
Actual Behavior
Segfault.
Steps to Reproduce the Problem
proot echo "foo"
Specifications
Command Output
With version 5.3.1:
The same thing works with
proot
5.2.0:It looks like some sort of regression between 5.2.0 and 5.3.1?