Service running as a snap can't access system's random stream
Artyom Astafurov
artyom at devicehive.com
Fri May 8 00:44:23 UTC 2015
Oh, wonderful! Thank you very much. What's the best way to stay up to date
with that fix?
On May 7, 2015 8:39 PM, "Seth Arnold" <seth.arnold at canonical.com> wrote:
> On Thu, May 07, 2015 at 08:01:35PM -0400, Artyom Astafurov wrote:
> > On May 7, 2015 7:32 PM, "Seth Arnold" <seth.arnold at canonical.com> wrote:
> > > On Thu, May 07, 2015 at 06:45:21PM -0400, Artyom Astafurov wrote:
> > > > May 7 22:28:28 localhost kernel: [106958.973769] audit: type=1326
> > > > audit(1431037708.930:44): auid=4294967295 uid=0 gid=0 ses=4294967295
> > > > pid=3263 comm="random-test"
> > > > exe="/apps/random-test.sideload/1.0.0/bin/armhf/random-test" sig=31
> > > > arch=40000028 syscall=384 compat=0 ip=0x9a434 code=0x0
> > >
> > > type=1326 indicates that this operationg was blocked by seccomp:
> > > #define AUDIT_SECCOMP 1326 /* Secure Computing event */
> > > This is from the kernel source file include/uapi/linux/audit.h
> > >
> > > What architecture are you on? Syscall numbers are unique
> per-architecture.
>
> > It's raspi2, armhf, armv7
>
> Syscall 384 is getrandom(2) on arm:
> #define __NR_getrandom (__NR_SYSCALL_BASE+384)
> arch/arm/include/uapi/asm/unistd.h
>
> This should be fixed when this package upload is accepted and new images
> are rebuilt:
> https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1450642
>
> Thanks
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/snappy-devel/attachments/20150507/126fdaaa/attachment.html>
More information about the snappy-devel
mailing list