Bug 1065572 - libseccomp requires kernel
Summary: libseccomp requires kernel
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: libseccomp
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Paul Moore
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 1069867 (view as bug list)
Depends On:
Blocks: 1212058
TreeView+ depends on / blocked
 
Reported: 2014-02-15 00:24 UTC by Zbigniew Jędrzejewski-Szmek
Modified: 2015-04-15 13:24 UTC (History)
5 users (show)

Fixed In Version: libseccomp-2.1.1-1.fc21
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1066136 1212058 (view as bug list)
Environment:
Last Closed: 2014-02-19 16:57:57 UTC
Type: Bug


Attachments (Terms of Use)

Description Zbigniew Jędrzejewski-Szmek 2014-02-15 00:24:04 UTC
Description of problem:
libseccomp requires the kernel package. This means that any package containing a program linked to libseccomp will force the installation of the kernel package. One such package is systemd (in versions >= 209), which is often installed in containers and lighweight VMs which do not have a kernel. Installing the kernel (and dependent packages) is a very large overhead for the minimal installation.

I understand the reason for this dependency, but it doesn't really work: on one hand, seccomp does detect missing kernel capabilities, and on the other, even with the kernel package installed one can run an older kernel, since it is multi-installable.

Version-Release number of selected component (if applicable):
libseccomp-2.1.0-1.fc20.x86_64

How reproducible:
100%

Comment 1 Paul Moore 2014-02-17 21:05:04 UTC
Resolved in libseccomp-2.1.1-1.fc21.

This BZ is against Rawhide, do you see a need for this in F20 as well, or are you happy to see it in F21?

Comment 2 Zbigniew Jędrzejewski-Szmek 2014-02-17 21:06:45 UTC
F21 is enough, thanks.

Comment 3 Paul Moore 2014-02-17 21:13:48 UTC
Okay, once I see the updated package propagate out to my Rawhide system I'll consider this closed.

Comment 4 Jóhann B. Guðmundsson 2014-02-18 10:58:18 UTC
This should also be fixed in all the GA releases ( F19/F20 ). 

People are running containers there as well

Comment 5 Zbigniew Jędrzejewski-Szmek 2014-02-18 13:01:27 UTC
Yeah, but we have no intention of linking to libseccomp there.

Comment 6 Paul Moore 2014-02-19 16:57:57 UTC
Everything looks fine now on my Rawhide system:

# rpm -q libseccomp libseccomp-devel
libseccomp-2.1.1-1.fc21.x86_64
libseccomp-devel-2.1.1-1.fc21.x86_64
# rpm -qR libseccomp
/sbin/ldconfig
/sbin/ldconfig
libc.so.6()(64bit)
libc.so.6(GLIBC_2.14)(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)
rpmlib(PayloadIsXz) <= 5.2-1
# rpm -qR libseccomp-devel
/usr/bin/pkg-config
libc.so.6()(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3)(64bit)
libseccomp(x86-64) = 2.1.1-1.fc21
libseccomp.so.2()(64bit)
pkgconfig
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)
rpmlib(PayloadIsXz) <= 5.2-1

Comment 7 Paul Moore 2014-02-25 20:08:32 UTC
*** Bug 1069867 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.