** Description changed: [impact] when libseccomp is upgraded to 2.5.1 on all releases, the systemd seccomp unit tests will start failing on ppc, as RestrictAddressFamilies= will no longer work on that arch. However, the systemd.exec man page has stated that RestrictAddressFamiles= doesn't work on ppc since before bionic. [test case] check systemd autopkgtest on ppc, looking at the test_restrict_access_familes unit test [regression potential] any regression would involve the use of RestrictAddressFamilies=, either no longer restricting or incorrectly restricting address familes. [scope] this is needed for b/f/g this was fixed upstream by commit d5923e38bc0e6cf9d7620ed5f1f8606fe7fe1168 which is included in 247, so this is fixed in h already + This isn't needed in x, because it doesn't include upstream commit + 469830d1426a91e0897c321fdc8ee428f0a750c1 which reworked the code to + switch from seccomp_rule_add to seccomp_rule_add_exact, so systemd could + handle lack of arch support itself, instead of allowing the 'not exact' + seccomp syscall to just ignore the call due to lack of arch support. + [other info] libseccomp will be updated to 2.5.1 in the near future so this is needed before that update
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1918696 Title: libseccomp 2.5.1 will break unit tests on ppc Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Bionic: In Progress Status in systemd source package in Focal: In Progress Status in systemd source package in Groovy: In Progress Bug description: [impact] when libseccomp is upgraded to 2.5.1 on all releases, the systemd seccomp unit tests will start failing on ppc, as RestrictAddressFamilies= will no longer work on that arch. However, the systemd.exec man page has stated that RestrictAddressFamiles= doesn't work on ppc since before bionic. [test case] check systemd autopkgtest on ppc, looking at the test_restrict_access_familes unit test [regression potential] any regression would involve the use of RestrictAddressFamilies=, either no longer restricting or incorrectly restricting address familes. [scope] this is needed for b/f/g this was fixed upstream by commit d5923e38bc0e6cf9d7620ed5f1f8606fe7fe1168 which is included in 247, so this is fixed in h already This isn't needed in x, because it doesn't include upstream commit 469830d1426a91e0897c321fdc8ee428f0a750c1 which reworked the code to switch from seccomp_rule_add to seccomp_rule_add_exact, so systemd could handle lack of arch support itself, instead of allowing the 'not exact' seccomp syscall to just ignore the call due to lack of arch support. [other info] libseccomp will be updated to 2.5.1 in the near future so this is needed before that update To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
