I: strace --seccomp-bpf is not compatible with -b execve

Paul Chaignon paul.chaignon at gmail.com
Wed Oct 9 12:50:16 UTC 2019

On Sat, Oct 05, 2019 at 07:04:41PM +0300, Dmitry V. Levin wrote:
> Hi,
> There is one case I missed during seccomp-bpf review: for the same reason
> why --seccomp-bpf implies -f there is no way to implement -b execve when
> --seccomp-bpf is enabled.  This combination of options is silently broken
> now:
> $ /bin/pwd |wc -l
> 1
> $ strace -o /dev/null -f -b execve -e '!fchdir' sh -c '/bin/pwd' |wc -l
> 1
> $ strace -o /dev/null -f --seccomp-bpf -b execve -e '!fchdir' sh -c
> '/bin/pwd' |wc -l
> 0
> We have to either disallow this combination of options with an error
> message saying that -b and --seccomp-bpf are mutually exclusive,
> or disable seccomp-bpf when -b option is enabled, with a warning
> saying that --seccomp-bpf is not enabled because of -b execve.

Thanks for the fix!  I had no idea that option even existed.


More information about the Strace-devel mailing list