[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 24 Jul 2021 01:56:25 -0400
From: Rich Felker <dalias@...c.org>
To: Yuri Kanivetsky <yuri.kanivetsky@...il.com>
Cc: musl@...ts.openwall.com
Subject: Re: faccessat() always return EPERM
On Fri, Jul 23, 2021 at 09:40:22PM -0400, Rich Felker wrote:
> On Sat, Jul 24, 2021 at 04:16:25AM +0300, Yuri Kanivetsky wrote:
> > Hi,
> >
> > I'm not sure that it has something to do with musl. But experienced in
> > a Alpine Linux docker container (ruby:2.6-alpine3.14) on Debian 9 or
> > 10. I can't reproduce it with Alpine Linux 3.13 (container) or Debian
> > 8 (host).
> >
> > For example, the following program outputs -1:
> >
> > #include <stdio.h>
> > #include <fcntl.h>
> > #include <unistd.h>
> >
> > int main()
> > {
> > int r;
> > r = faccessat(AT_FDCWD, "/", R_OK, AT_EACCESS);
> > printf("%i", r);
> > return 0;
> > }
> >
> > I believe whatever is passed as the second parameter, it would return -1.
> >
> > As a result at least irb and bundler doesn't work. Is this some sort
> > of binary incompatibility with Linux kernel?
>
> No, it's almost surely Docker blocking the operation with the wrong
> error code (EPERM):
>
> https://github.com/opencontainers/runc/issues/2151
>
> I'm not sure what the status on getting fix deployed is. It might go
> away if the host running Docker can upgrade.
I forgot to mention: if you can disable seccomp in Docker, that's a
workaround that doesn't require upgrading.
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
