diff options
author | aszlig <aszlig@redmoonstudios.org> | 2016-11-16T16·25+0100 |
---|---|---|
committer | aszlig <aszlig@redmoonstudios.org> | 2016-11-16T16·29+0100 |
commit | ed64976cec43f9f067a40fc6921b5513a19fd757 (patch) | |
tree | 3655ae9476e89b896ce38309ea37eaab16fa26ea /src/libstore | |
parent | 651a18dd2466662e7027e4dc04147e4f38c7bbf8 (diff) |
seccomp: Forge return codes for POSIX ACL syscalls
Commands such as "cp -p" also use fsetxattr() in addition to fchown(), so we need to make sure these syscalls always return successful as well in order to avoid nasty "Invalid value" errors. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Diffstat (limited to 'src/libstore')
-rw-r--r-- | src/libstore/build.cc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc index 6c6d0dee36ff..6fc6220e0524 100644 --- a/src/libstore/build.cc +++ b/src/libstore/build.cc @@ -1659,6 +1659,10 @@ void setupSeccomp(void) { FORCE_SUCCESS(fchownat); FORCE_SUCCESS(lchown); + FORCE_SUCCESS(setxattr); + FORCE_SUCCESS(lsetxattr); + FORCE_SUCCESS(fsetxattr); + if (seccomp_load(ctx) != 0) { seccomp_release(ctx); throw SysError("unable to load seccomp BPF program"); |