usbguard icon indicating copy to clipboard operation
usbguard copied to clipboard
verified publisher icon USBGuard

Seccomp whitelist cause SIGSYS

Open AnanasPfirsichSaft opened this issue 7 years ago • 0 comments

I am trying to run usbguard 0.7.4 with the "-W" flag to enable the seccomp whitelist. But it caused a SIGSYS due to missing syscalls in the list. By the way, "-C" (dropping the capabilities) is running fine.

I added three syscalls to the list in src/Daemon/Seccomp.c: getpid, getuid and umask.

usbguard-daemon still segfaults (run by strace):

clone(child_stack=0x7f9061b2fb30, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f9061b309d0, tls=0x7f9061b30700, child_tidptr=0x7f9061b309d0) = 27396
+++ killed by SIGSYS +++

But "clone" is in the whitelist. And at this point my programming skills end ;)

AnanasPfirsichSaft avatar Dec 04 '18 19:12 AnanasPfirsichSaft