openssh bugs - Feb 2013 - [Bug 2011] sandbox selection needs some kind of fallback mechanism

https://bugzilla.mindrot.org/show_bug.cgi?id=2011

--- Comment #8 from Petr Lautrbach <plautrba at redhat.com> ---
Created attachment 2214
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2214&action=edit
don't probe seccomp capability of running kernel in configure

I'd like to add also possibility to build seccomp_filter sandbox on
system with older kernel, E.g. Fedora build systems use buildroots with
needed sources and headers, but system is run with older kernels.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2011

--- Comment #9 from Damien Miller <djm at mindrot.org> ---
Comment on attachment 2214
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2214
don't probe seccomp capability of running kernel in configure

Maybe it should just s/AC_LINK_IFELSE/AC_RUN_IFELSE/ here?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2011

Petr Lautrbach <plautrba at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2214|0                           |1
        is obsolete|                            |

--- Comment #10 from Petr Lautrbach <plautrba at redhat.com> ---
Created attachment 2215
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2215&action=edit
don't probe seccomp capability of running kernel in configure

You are right, s/AC_RUN_IFELSE/AC_LINK_IFELSE/ is sufficient.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2011

--- Comment #11 from Colin Watson <cjwatson at debian.org> ---
Comment on attachment 2215
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2215
don't probe seccomp capability of running kernel in configure

If you're switching to AC_LINK_IFELSE, you should remove the fourth
argument to the macro which controls behaviour when cross-compiling.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2011

Petr Lautrbach <plautrba at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2215|0                           |1
        is obsolete|                            |

--- Comment #12 from Petr Lautrbach <plautrba at redhat.com> ---
Created attachment 2216
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2216&action=edit
don't probe seccomp capability of running kernel in configure

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2011

--- Comment #13 from Damien Miller <djm at mindrot.org> ---
applied - thanks. This will be in openssh-6.2, hopefully due around the
end of the month.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.