BUG: problems with docker seccomp profiles on ARM

[xiaoge1001]

As shown in the above figure，The seccomp configuration does not seem to take effect on the arm machine. Check the status of the corresponding sh process. The seccomp rules should be written. As shown in the following figure:

[xiaoge1001]

But it works well on x86 machines:

[xiaoge1001]

What's the reason for this?

[pcmoore]

Hi @xiaoge1001,

Have your brought this up to the Docker folks? We aren't really in a position to support all of the applications that use libseccomp, e.g. Docker. If Docker indicates that this is a problem with libseccomp please let us know and we will be happy to dig into this further with you to try and resolve the problem.

[xiaoge1001]

The problem has been reported to Docker. The issue link is https://github.com/moby/moby/issues/45125

[pcmoore]

Looking at the linked Docker issue it appears that this problem is specific to a very old fork of Docker, taking this into consideration along with no widely reported ARM failures I think this a fork-specific bug and not a fault in the core libseccomp library. I'm going to close this issue but please re-open if you've identified the root cause as a fault with libseccomp.