On Thu, 11 Feb 2021 at 21:14, Trevor Woerner <firstname.lastname@example.org> wrote:
RP: there’s been a lot of churn in the versions (glibc, kernel, etc). ifI solved this issue: when running inside a container that uses seccomp
to filter the syscalls available, with glibc 2.33 inside (uninative,
for example), applications might end up calling faccessat2() (glibc
does this itself) which as a relatively new syscall is rejected by the
syscall filter. The rejection is EPERM but glibc only handles ENOSYS
so weird things happen.
I sent a workaround to oe-core, systemd 247 and Docker 20.10 are
fixed, but glibc appear to consider this a bug in other software and
not something it should handle.