about summary refs log tree commit diff
path: root/src/libstore
diff options
context:
space:
mode:
authoraszlig <aszlig@redmoonstudios.org>2016-11-16T16·25+0100
committeraszlig <aszlig@redmoonstudios.org>2016-11-16T16·29+0100
commited64976cec43f9f067a40fc6921b5513a19fd757 (patch)
tree3655ae9476e89b896ce38309ea37eaab16fa26ea /src/libstore
parent651a18dd2466662e7027e4dc04147e4f38c7bbf8 (diff)
seccomp: Forge return codes for POSIX ACL syscalls
Commands such as "cp -p" also use fsetxattr() in addition to fchown(),
so we need to make sure these syscalls always return successful as well
in order to avoid nasty "Invalid value" errors.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Diffstat (limited to 'src/libstore')
-rw-r--r--src/libstore/build.cc4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index 6c6d0dee36ff..6fc6220e0524 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -1659,6 +1659,10 @@ void setupSeccomp(void) {
     FORCE_SUCCESS(fchownat);
     FORCE_SUCCESS(lchown);
 
+    FORCE_SUCCESS(setxattr);
+    FORCE_SUCCESS(lsetxattr);
+    FORCE_SUCCESS(fsetxattr);
+
     if (seccomp_load(ctx) != 0) {
         seccomp_release(ctx);
         throw SysError("unable to load seccomp BPF program");