Catch seccomp violations by init

Note that if a task other than init violates the seccomp policy,
we cannot catch that.  Init will catch it and (if it feels like
it) log it.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
This commit is contained in:
Serge Hallyn 2014-02-24 11:28:10 -06:00 committed by Stéphane Graber
parent 642d1ccd98
commit c2b9bd9e81

@ -1050,6 +1050,9 @@ int __lxc_start(const char *name, struct lxc_conf *conf,
DEBUG("Container rebooting");
handler->conf->reboot = 1;
break;
case SIGSYS: /* seccomp */
DEBUG("Container violated its seccomp policy");
break;
default:
DEBUG("unknown exit status for init: %d", WTERMSIG(status));
break;
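
Review bot: In the new `case SIGSYS:` branch the violation is reported only through `DEBUG(...)`, so a container whose init was killed by its seccomp policy is recorded at the same level as routine exit handling and is visible only when debug logging is enabled. Consider logging it at a higher severity, since it is a security-relevant event. A short code comment stating the limitation from the commit message would also help: only a violation by init itself reaches this switch on `WTERMSIG(status)`, while a violation by any other task is seen by init and not here.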