setrlimit failure on aarch64 (was: Interesting failure on aarch64)
Todd Zullinger
tmz at pobox.com
Sun Feb 2 19:08:38 CET 2020
Werner Koch via Gnupg-users wrote:
> On Fri, 20 Dec 2019 11:22, Konstantin Ryabitsev said:
>
>> On x86_64 this succeeds, but when I tried building on aarch64, that step
> [...]
>> gpg: Fatal: can't disable core dumps: Operation not permitted
>
> setrlimit returns an unexpected error code:
>
> if (getrlimit (RLIMIT_CORE, &limit))
> limit.rlim_max = 0;
> limit.rlim_cur = 0;
> if( !setrlimit (RLIMIT_CORE, &limit) )
> return 0;
> if( errno != EINVAL && errno != ENOSYS )
> log_fatal (_("can't disable core dumps: %s\n"), strerror(errno) );
>
> This is the first time I see a report that EPERM is returned.
The getrlimit call also fails, according to strace:
getrlimit(RLIMIT_CORE, 0xffffeb2acf88) = -1 EPERM (Operation not permitted)
setrlimit(RLIMIT_CORE, {rlim_cur=0, rlim_max=0}) = -1 EPERM (Operation not permitted)
I don't have access to an aarch64 host running RHEL 7
directly, so my only testing is via the mock command from an
aarch74 Fedora 31 host.
Mock can use two styles of container, an old-style chroot or
new-style systemd-nspawn. Using chroot succeeds, while
systemd-nspawn fails.
I tested with CAP_SYS_RESOURCE added to the capability list
in the systemd-nspawn call, without success. From my
reading, that should work (thought shouldn't be needed as
we're not trying to raise the limit).
So it seems like a bug either in systemd-nspawn or a lower
level component like glibc or the kernel with RHEL 7 on
aarch64, as you suggested.
--
Todd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 543 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200202/b508b411/attachment.sig>
More information about the Gnupg-users
mailing list