Bug 1065572

Summary: libseccomp requires kernel
Product: [Fedora] Fedora Reporter: Zbigniew Jędrzejewski-Szmek <zbyszek>
Component: libseccompAssignee: Paul Moore <pmoore>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: hhoyer, johannbg, juzhang, lpoetter, pmoore
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libseccomp-2.1.1-1.fc21 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1066136 1212058 (view as bug list) Environment:
Last Closed: 2014-02-19 16:57:57 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1212058    

Description Zbigniew Jędrzejewski-Szmek 2014-02-15 00:24:04 UTC 
Description of problem:
libseccomp requires the kernel package. This means that any package containing a program linked to libseccomp will force the installation of the kernel package. One such package is systemd (in versions >= 209), which is often installed in containers and lighweight VMs which do not have a kernel. Installing the kernel (and dependent packages) is a very large overhead for the minimal installation.

I understand the reason for this dependency, but it doesn't really work: on one hand, seccomp does detect missing kernel capabilities, and on the other, even with the kernel package installed one can run an older kernel, since it is multi-installable.

Version-Release number of selected component (if applicable):
libseccomp-2.1.0-1.fc20.x86_64

How reproducible:
100%
Comment 1 Paul Moore 2014-02-17 21:05:04 UTC 
Resolved in libseccomp-2.1.1-1.fc21.

This BZ is against Rawhide, do you see a need for this in F20 as well, or are you happy to see it in F21?
Comment 2 Zbigniew Jędrzejewski-Szmek 2014-02-17 21:06:45 UTC 
F21 is enough, thanks.
Comment 3 Paul Moore 2014-02-17 21:13:48 UTC 
Okay, once I see the updated package propagate out to my Rawhide system I'll consider this closed.
Comment 4 Jóhann B. Guðmundsson 2014-02-18 10:58:18 UTC 
This should also be fixed in all the GA releases ( F19/F20 ). 

People are running containers there as well
Comment 5 Zbigniew Jędrzejewski-Szmek 2014-02-18 13:01:27 UTC 
Yeah, but we have no intention of linking to libseccomp there.
Comment 6 Paul Moore 2014-02-19 16:57:57 UTC 
Everything looks fine now on my Rawhide system:

# rpm -q libseccomp libseccomp-devel
libseccomp-2.1.1-1.fc21.x86_64
libseccomp-devel-2.1.1-1.fc21.x86_64
# rpm -qR libseccomp
/sbin/ldconfig
/sbin/ldconfig
libc.so.6()(64bit)
libc.so.6(GLIBC_2.14)(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)
rpmlib(PayloadIsXz) <= 5.2-1
# rpm -qR libseccomp-devel
/usr/bin/pkg-config
libc.so.6()(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3)(64bit)
libseccomp(x86-64) = 2.1.1-1.fc21
libseccomp.so.2()(64bit)
pkgconfig
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)
rpmlib(PayloadIsXz) <= 5.2-1
Comment 7 Paul Moore 2014-02-25 20:08:32 UTC 
*** Bug 1069867 has been marked as a duplicate of this bug. ***