[systemd-devel] How to disable seccomp in systemd-nspawn?

Mohan R mohan43u at gmail.com
Wed Jun 24 17:43:10 UTC 2020


Hi,

How to disable seccomp in systemd-nspawn? I'm facing issue while
running fuse-overlayfs and I reported it

https://github.com/containers/fuse-overlayfs/issues/220#issuecomment-648865831

Developer asked me to check if the container is seccomp filtered, as
suspected systemd-nspawn put the container inside seccomp faltered
(Seccomp: 2). But I'm not able to get the list of filtered syscalls or
I'm not able to find out why 'openat2()' is returning EPERM inside the
systemd-nspawn container.

Thanks,
Mohan R


More information about the systemd-devel mailing list