[OE-core] [PATCH] file: explicitly disable seccomp
Khem Raj
raj.khem at gmail.com
Sat Oct 19 05:26:32 UTC 2019
On Sat, Oct 19, 2019 at 2:58 AM Richard Purdie <
richard.purdie at linuxfoundation.org> wrote:
> On Fri, 2019-10-18 at 18:03 +0530, Khem Raj wrote:
> >
> >
> > On Fri, Oct 18, 2019 at 4:58 PM Ross Burton <ross.burton at intel.com>
> > wrote:
> > > file will automatically enable seccomp if the seccomp headers are
> > > available, but
> > > the build will fail on Opensuse Tumbleweed because the include
> > > paths are wrong.
> > >
> > > Enabling seccomp is a bad idea because it interacts badly with
> > > pseudo (causing
> > > build failures), so explicitly and globally disable seccomp.
> > >
> > > Signed-off-by: Ross Burton <ross.burton at intel.com>
> > > ---
> > > meta/recipes-devtools/file/file_5.37.bb | 2 ++
> > > 1 file changed, 2 insertions(+)
> > >
> > > diff --git a/meta/recipes-devtools/file/file_5.37.bb
> > > b/meta/recipes-devtools/file/file_5.37.bb
> > > index a840dbc012b..c53a120b840 100644
> > > --- a/meta/recipes-devtools/file/file_5.37.bb
> > > +++ b/meta/recipes-devtools/file/file_5.37.bb
> > > @@ -21,6 +21,8 @@ S = "${WORKDIR}/git"
> > >
> > > inherit autotools update-alternatives
> > >
> > > +EXTRA_OECONF += "--disable-libseccomp"
> > > +
> >
> > On host it makes sense but how about for target recipe ? We do have
> > libseccomp support
> > Perhaps it’s best to disable it for native and native sdk alone ?
>
> Given the problem reports in the media and the decisions made by most
> other distros I think disabling this is probably safest until its been
> make more usable (no other distro is shipping this enabled now).
>
Ok makes sense
> Cheers,
>
> Richard
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20191019/6d00147c/attachment.html>
More information about the Openembedded-core
mailing list