Closed nuclearsandwich closed 2 years ago
This pull request has been mentioned on ROS Discourse. There might be relevant details there:
https://discourse.ros.org/t/holding-releases-to-perform-rolling-transition-to-new-platforms/24191/12
Seems good to my eyes:
cookbook-ros-buildfarm/files on update-seccomp-policy [?] ❯ diff -u /tmp/moby-20.10.12/profiles/seccomp/default.json docker-seccomp-default-with-personality.json
--- /tmp/moby-20.10.12/profiles/seccomp/default.json 2021-12-12 11:11:51.000000000 +0100
+++ docker-seccomp-default-with-personality.json 2022-02-16 21:09:30.344735175 +0100
@@ -234,6 +234,7 @@
"openat",
"openat2",
"pause",
+ "personality",
"pidfd_open",
"pidfd_send_signal",
"pipe",
This pulls in the default seccomp profile from moby/moby 20.10.12 which includes, among other changes, support for the clone3 system call which is being blocked in our current Ubuntu Jammy sourcedeb containers.
The personality system call for sbcl in ROS 1 is maintained.