To paper over the faccessat2 issue, a libseccomp update is enough *if* the container runtime already knows about the faccessat2 system call and mentions it in its profiles. But with the current design, every new system call will need similar updates to several components (not just libseccomp) just to produce the ENOSYS error, which is not a sustainable development model. Hence the runc pull request mentioned in comment 8.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1916485 Title: test -x fails inside shell scripts in containers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1916485/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs