From b99e4107a7cfc0dffe4651f2405e4609b71c56bc Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Fri, 5 Feb 2016 11:58:03 -0800 Subject: [PATCH 1/2] Revert "profiles: enable docker's seccomp support" This reverts commit 08d59b2ea8ebb43c84b64f96bff2a5728144fe03. Docker in 948.1.0 is failing at runtime with the following error: conditional filtering requires libseccomp version >= 2.2.1 --- .../profiles/coreos/targets/generic/package.use | 4 ---- 1 file changed, 4 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use index 0a800cde3d..c276236745 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use @@ -40,7 +40,3 @@ app-shells/bash -net vanilla # enable audit subsystem by default sys-kernel/coreos-kernel audit - -# seccomp in docker requires static libseccomp -app-emulation/docker seccomp -sys-libs/libseccomp static-libs From 1af801e21195655002db37f42d3849738a1c97a1 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Fri, 5 Feb 2016 12:03:01 -0800 Subject: [PATCH 2/2] docker: fix libseccomp version dependency I misread the version requirement and unfortunately docker only checks the version at runtime, not build time and managed to not run a seccomp enabled docker build in my rushed testing apparently. :( --- .../coreos-overlay/app-emulation/docker/docker-9999.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild index 72bfa63e2e..6e8262fc37 100644 --- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/docker-9999.ebuild @@ -32,7 +32,7 @@ CDEPEND=" >=sys-fs/lvm2-2.02.89[thin] ) seccomp? ( - >=sys-libs/libseccomp-2.1.1[static-libs] + >=sys-libs/libseccomp-2.2.1[static-libs] ) "