> - somehow make libseccomp handle "unknown" syscalls, and perhaps > allow them (instead of blocking)? (not exactly sure how it's > handling these, so I'd have to read up on that); probably that's the > same (similar) as changing our "whitelist" to a "blacklist" (which > could weaken security)
Blocking not otherwise specified system calls with ENOSYS instead of EPERM generally has this effect. Some container runtimes incorrectly use EPERM, though. I don't know if this is the issue with Docker here. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1867675 Title: Install failure for libc6 2.31-0ubuntu6 on armhf To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1867675/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs