Public bug reported: following up the libseccomp SRU to handle newer syscalls: https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1876055
docker needs to be updated to support newer syscalls including: 403: clock_gettime64 404: clock_settime64 405: clock_adjtime64 406: clock_getres_time64 407: clock_nanosleep_time64 408: timer_gettime64 409: timer_settime64 410: timerfd_gettime64 411: timerfd_settime64 412: utimensat_time64 413: pselect6_time64 414: ppoll_time64 here are the relevant changes in moby: https://github.com/moby/moby/pull/40739/files these changes need to be applied to the docker.io file "components/engine/profiles/seccomp/default.json" (moby sources are included in docker.io sources) here is a testcase that ends up calling utimensat_time64 via docker: cd /tmp && git clone https://github.com/xantares/test-seccomp-time64.git && docker build test-seccomp-time64 ** Affects: docker.io (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1886831 Title: whitelist 64-bit time_t syscalls To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1886831/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
