Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 782538 - net-misc/lldpd-1.0.11: stabilisation (was: net-misc/lldpd-1.0.9[seccomp]: fails to start (lldpd[9479]: invalid syscall attempted: newfstatat(262)))
Summary: net-misc/lldpd-1.0.11: stabilisation (was: net-misc/lldpd-1.0.9[seccomp]: fai...
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Stabilization (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Patrick McLean
Keywords: CC-ARCHES
Depends on:
Blocks: glibc-2.33
  Show dependency tree
Reported: 2021-04-12 15:56 UTC by Sven E.
Modified: 2021-06-30 10:56 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---
nattka: sanity-check+

Attachments (,6.35 KB, application/x-info)
2021-04-12 20:12 UTC, Sven E.
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Sven E. 2021-04-12 15:56:54 UTC
When compiled with seccomp enabled, lldpd fails to starup:
lldpd[9479]: invalid syscall attempted: newfstatat(262)

Seems newfsatat() is missing from the list of allowed syscalls.

Reproducible: Always

Steps to Reproduce:
1. compile lldpd with seccomp
2. try starting it.
3. see failure.
Actual Results:  
Failure to sart

Expected Results:  
normal operation.

Tested with USE="-seccomp" and lldpd starts as expected.

I assume the call should be added to priv-seccomp.c line 148 and following.
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-04-12 16:05:14 UTC
emerge --info lldpd for completeness? :)

Thanks, this is quite a regular occurrence with some packages + new glibc!
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-04-12 16:05:43 UTC
(and I assume this is glibc-2.33...)
Comment 3 Sven E. 2021-04-12 18:09:59 UTC
Can't verify the glibc part, since I cannot easily downgrade glibc.

emerge --info follows.
Comment 4 Sven E. 2021-04-12 20:12:32 UTC
Created attachment 699528 [details]

emerge --info
Comment 5 Sven E. 2021-04-13 22:55:36 UTC
Looks like 1.0.10 includes a patch and works as expected.
Comment 6 Agostino Sarubbo gentoo-dev 2021-06-30 10:55:02 UTC
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2021-06-30 10:56:43 UTC
x86 stable. Closing.