On Thu, Oct 26, 2017 at 01:52:40PM +0200, Julian Andres Klode wrote: > On Thu, Oct 26, 2017 at 12:59:20PM +0200, joel hansson wrote: > > Package: apt > > Followup-For: Bug #879814 > > > > Dear Maintainer, > > > > I have a similar issue, but on arch: amd64 but on another syscall. > > > > > > --- snip --- > > $ sudo apt-get update > > [sudo] password for user: > > Hit:1 http://ftp.se.debian.org/debian unstable InRelease > > Get:2 http://ftp.se.debian.org/debian unstable/main amd64 Packages > > [7,745 kB] > > 18% [2 Packages store 0 B] [Waiting for headers] > > **** Seccomp prevented execution of syscall 0000000041 on > > architecture amd64 **** > > Reading package lists... Done > > E: Method store has died unexpectedly! > > E: Sub-process store returned an error code (31) > > $ > > --- snip ---- > > > > > > > > > > * What led up to the situation? > > > > -alpha1 of apt was installed during an upgrade. > > > > * What exactly did you do (or not do) that was effective (or > > ineffective)? > > > > -alpha1 had the issue. > > Upgraded to -alpha2 manually, but it has the same issue. > > That's the socket syscall being used by a method only supposed to > operate on local files. Could you run with APT::Sandbox::Seccomp::Print > set to false and get a backtrace (you need to let it dump core, and > then run gdb on the core; for example, by installing systemd-coredump > and then running coredumpctl gdb after executing apt).
In order to identify which other syscalls might be missing for your system, install seccomp, (1) run scmp_sys_resolver with the number in the error message. Here, that would print socket. (2) Add that to an apt.conf(.d) file in APT::Sandbox::Seccomp::Allow APT::Sandbox::Seccomp::Allow { "socket"; }; (3) run again repeat the steps until it works. It would also be good to know if you have any special nss modules installed. -- Debian Developer - deb.li/jak | jak-linux.org - free software dev Ubuntu Core Developer speaks English, German