errors occurred during building

[ccnankai]

I have encountered a error building from source code. Is my gcc version mismatched?

steps:

1.git clone ... 2. make

os : ubuntu16.04 gcc : 5.4.0

[haircommander]

interesting, this should have been fixed in https://github.com/containers/conmon/pull/268 does your version have that commit?

[ccnankai]

I pulled the latest code. seccomp version:

[haircommander]

@giuseppe any ideas?

[giuseppe]

could you try to apply the following patch?

$ git diff
diff --git a/src/seccomp_notify.h b/src/seccomp_notify.h
index 9dda848..de1d441 100644
--- a/src/seccomp_notify.h
+++ b/src/seccomp_notify.h
@@ -3,6 +3,10 @@
 
 #include "seccomp_notify_plugin.h"
 
+#ifndef SECCOMP_RET_USER_NOTIF
+#undef USE_SECCOMP
+#endif
+
 #if USE_SECCOMP
 
 struct seccomp_notify_context_s;

[ccnankai]

@giuseppe After applying this patch, this error is still reported when compiling. It may be that there is a problem with my system environment, let me troubleshoot again. Thank you very much.

[giuseppe]

this is what I get on Ubuntu 16.04:

# cat /etc/issue
Ubuntu 16.04.7 LTS \n \l

# grep -r SECCOMP_RET_USER_NOTIF /usr/include/
/usr/include/seccomp.h:/* SECCOMP_RET_USER_NOTIF was added in kernel v5.0. */
/usr/include/seccomp.h:#ifndef SECCOMP_RET_USER_NOTIF
/usr/include/seccomp.h:#define SECCOMP_RET_USER_NOTIF	0x7fc00000U

Altough we need this patch to address an issue when libseccomp is not installed:

diff --git a/src/seccomp_notify.c b/src/seccomp_notify.c
index 58f4a16..75737d0 100644
--- a/src/seccomp_notify.c
+++ b/src/seccomp_notify.c
@@ -6,7 +6,6 @@
 #endif
 
 #include <errno.h>
-#include <seccomp.h>
 #include <sys/ioctl.h>
 #include <linux/seccomp.h>
 #include <sys/sysmacros.h>
@@ -22,6 +21,7 @@
 #include "seccomp_notify.h"
 
 #if USE_SECCOMP
+#include <seccomp.h>
 
 #ifndef SECCOMP_USER_NOTIF_FLAG_CONTINUE
 #define SECCOMP_USER_NOTIF_FLAG_CONTINUE (1UL << 0)
diff --git a/src/seccomp_notify.h b/src/seccomp_notify.h
index 9dda848..de1d441 100644
--- a/src/seccomp_notify.h
+++ b/src/seccomp_notify.h
@@ -3,6 +3,10 @@
 
 #include "seccomp_notify_plugin.h"
 
+#ifndef SECCOMP_RET_USER_NOTIF
+#undef USE_SECCOMP
+#endif
+
 #if USE_SECCOMP
 
 struct seccomp_notify_context_s;
diff --git a/src/seccomp_notify_plugin.h b/src/seccomp_notify_plugin.h
index 562957f..1b14a5f 100644
--- a/src/seccomp_notify_plugin.h
+++ b/src/seccomp_notify_plugin.h
@@ -2,6 +2,10 @@
 
 #include <linux/seccomp.h>
 
+#ifndef SECCOMP_RET_USER_NOTIF
+#undef USE_SECCOMP
+#endif
+
 #if USE_SECCOMP
 
 struct seccomp_notify_conf_s {

[giuseppe]

can you show the output for # grep -r "seccomp_notif_resp" /usr/include/ ?

[giuseppe]

we could add a check for seccomp_notif_resp but since it is available in Ubuntu 16.04, I think it is easier if we understand what is going on there and why it doesn't exist for you. Have you updated the system?

[ccnankai]

My result : cat /etc/issue : Ubuntu 16.04.7 LTS \n \l

grep -r "seccomp_notif_resp" /usr/include/

grep -r SECCOMP_RET_USER_NOTIF /usr/include/

If it really doesn't work, I am going to upgrade the system to ubuntu18.04, I am a novice. Thank you very much.

[giuseppe]

so seccomp_notif_resp is defined as part of /usr/include/seccomp.h.

Could you try adding #include <seccomp.h>to the seccomp_notify_plugin.h file?

[ccnankai]

Do I still use the patch above? Did I add this clause correctly?

[giuseppe]

seccomp_notif_sizes seems still missing.

What do you see with grep -r "seccomp_notif_sizes" /usr/include/?

Is your OS fully updated (did you run apt-get update && apt-get upgrade)?

[ccnankai]

The result is empty.

This error wastes too much of your time. I'm really sorry, I closed this question. It should be that the OS has not been completely updatedI .will upgrade the system again. Thank you very much.

[haircommander]

actually, it's likely you'll run into it on 18.04, as we need kernel 5.9 or greater for proper seccomp notify support. I think this should be fixed

[ccnankai]

@haircommander Got it . Thank you very much.

[redskate]

Still not fixed. I just downloaded the code and launched a "make".

root@aladin2:~/Downloads/conmon# make cc -std=c99 -Os -Wall -Wextra -Werror -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -DVERSION=\"2.0.30-dev\" -DGIT_COMMIT=\""7381063391d2071a3d27a6e80c9c84d741fb4221"\" -D USE_JOURNALD=0 -D USE_SECCOMP=1 -o src/conmon.o -c src/conmon.c In file included from src/seccomp_notify.h:4:0, from src/conmon.c:21: src/seccomp_notify_plugin.h:34:15: error: ‘struct seccomp_notif_resp’ declared inside parameter list will not be visible outside of this definition or declaration [-Werror] struct seccomp_notif_resp *sresp, int seccomp_fd, int *handled); ^~~~~~~~~~~~~~~~~~ src/seccomp_notify_plugin.h:33:113: error: ‘struct seccomp_notif’ declared inside parameter list will not be visible outside of this definition or declaration [-Werror] typedef int (*run_oci_seccomp_notify_handle_request_cb)(void *opaque, struct seccomp_notif_sizes *sizes, struct seccomp_notif *sreq, ^~~~~~~~~~~~~ src/seccomp_notify_plugin.h:33:78: error: ‘struct seccomp_notif_sizes’ declared inside parameter list will not be visible outside of this definition or declaration -Werror] typedef int (*run_oci_seccomp_notify_handle_request_cb)(void *opaque, struct seccomp_notif_sizes *sizes, struct seccomp_notif *sreq,

The system (Ubuntu 18): 4.15.0-147-generic #151-Ubuntu SMP Fri Jun 18 19:21:19 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux Latest status, all packages installed. Everything upgraded.