BUG: AddRule: fix to handle EACCES #74
Closed
Commits on Sep 18, 2021
-
seccomp_internal: use errors.New, add errDefAction
The latter is to be used by the next commit. While at it, slightly improve the errBadFilter doc string. NOTE that there are more places that need s/fmt.Errorf/errors.New/, but as such change is trivial and it will break other commit pending review, I am going to implement it separately later. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
-
In case a rule with the action that equals to the default one was added, libseccomp used to return EPERM, and libseccomp-golang converted it into a more user-friendly "requested action matches default action of filter" error. From various bug reports I have noticed this is no longer a case. The cause is libseccomp commit 83989be02 (appeared in v2.5.0), which changes EPERM to EACCES. Since we still support libseccomp < 2.5.0, check for either EPERM or EACCES. Add a TODO item to remove the former. Add a test case, which fails like this before the fix: > seccomp_test.go:580: expected error to contain "matches default action", got "permission denied" Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.