Overriding seccomp policy: shm_open
Jacob Zimmermann
ppa at jzimm.net
Mon Aug 1 04:55:52 UTC 2016
Hi
I'm trying to get my hands on snapcraft by building a snap of "Hatari"
(Atari ST emulator). I got it working nicely in devmode but it won't run
under strict confinement, specifically it gets killed when attempting to
execute shm_open().
Based on whatever little information I could gather I tried to override
the default policy like so:
apps:
hatari:
command: hatari
plugs: [home, unity7, hatari-permissions]
...
plugs:
hatari-permissions:
type: old-security
security-override:
syscalls: [shm_open]
But no avail, it just won't let it use this syscall. I couldn't find
anything in the docs about how is it supposed to be done.
Thanks & Best Regards
Jacob
More information about the Snapcraft
mailing list