Description of problem: libseccomp requires the kernel package. This means that any package containing a program linked to libseccomp will force the installation of the kernel package. One such package is systemd (in versions >= 209), which is often installed in containers and lighweight VMs which do not have a kernel. Installing the kernel (and dependent packages) is a very large overhead for the minimal installation. I understand the reason for this dependency, but it doesn't really work: on one hand, seccomp does detect missing kernel capabilities, and on the other, even with the kernel package installed one can run an older kernel, since it is multi-installable. Version-Release number of selected component (if applicable): libseccomp-2.1.0-1.fc20.x86_64 How reproducible: 100%
Resolved in libseccomp-2.1.1-1.fc21. This BZ is against Rawhide, do you see a need for this in F20 as well, or are you happy to see it in F21?
F21 is enough, thanks.
Okay, once I see the updated package propagate out to my Rawhide system I'll consider this closed.
This should also be fixed in all the GA releases ( F19/F20 ). People are running containers there as well
Yeah, but we have no intention of linking to libseccomp there.
Everything looks fine now on my Rawhide system: # rpm -q libseccomp libseccomp-devel libseccomp-2.1.1-1.fc21.x86_64 libseccomp-devel-2.1.1-1.fc21.x86_64 # rpm -qR libseccomp /sbin/ldconfig /sbin/ldconfig libc.so.6()(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rtld(GNU_HASH) rpmlib(PayloadIsXz) <= 5.2-1 # rpm -qR libseccomp-devel /usr/bin/pkg-config libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3)(64bit) libseccomp(x86-64) = 2.1.1-1.fc21 libseccomp.so.2()(64bit) pkgconfig rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rtld(GNU_HASH) rpmlib(PayloadIsXz) <= 5.2-1
*** Bug 1069867 has been marked as a duplicate of this bug. ***