WIP snap for 0ad
olivier.tilloy at canonical.com
Fri Nov 18 12:13:23 UTC 2016
I’ve been working on snapping up 0ad¹ as a side project, and I’m at
the point where I’ve got it to run fully confined.
I’ve had to modify the generated seccomp profile for this to work
though, and I’m not sure where to take it from there. The game uses
the following syscalls which are not allowed by default: setpriority
and sched_setaffinity. I can get setpriority by adding the
process-control plug (which needs manual connection), but it doesn’t
appear any sensible interface exposes sched_setaffinity
(docker-support does, but that’s obviously not a solution).
What would interface experts suggest? Would it make sense to add
sched_setaffinity to process-control? Or to create a new privileged
interface for just that one syscall?
More information about the Snapcraft