On Wed, Apr 26, 2017 at 03:29:03PM +0200, Vincent Blut wrote: > > sys_linux: allow sysinfo in seccomp filter > > > > It may be used by glob() in latest glibc. > > Do you have an idea about which commit in glibc justifies this patch?
No, sorry. I saw it on Fedora 26, which has glibc-2.24. If you add the dumpdir and dumponexit options to chrony.conf and run chronyd with -F 1 at least two times to have some files in dumpdir, you should see a crash if glibc is using that syscall. The cleanup of old dump files on start is the only thing in chronyd using glob() after seccomp filter was loaded. -- Miroslav Lichvar -- To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" in the subject. For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the subject. Trouble? Email listmas...@chrony.tuxfamily.org.