Author vstinner
Recipients aeros, asvetlov, benjamin.peterson, nanjekyejoannah, njs, vstinner, yan12125, yselivanov
Date 2019-11-12.21:23:37
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1573593817.68.0.993083803214.issue38692@roundup.psfhosted.org>
In-reply-to
Content
> It seems like systemd-nspawn is just breaking everything: https://sourceware.org/ml/libc-alpha/2019-11/msg00277.html

Well, we can try to argue to not block syscalls, but I'm not sure that we can win such battle :-) For os.urandom(), I chose to handle EPERM as ENOSYS in bpo-27955. Extract of Python/bootstrap_hash.c:

            /* ENOSYS: the syscall is not supported by the kernel.
               EPERM: the syscall is blocked by a security policy (ex: SECCOMP)
               or something else. */
            if (errno == ENOSYS || errno == EPERM) {
                getrandom_works = 0;
                return 0;
            }

We can just skip the test if the syscall fails with EPERM.
History
Date User Action Args
2019-11-12 21:23:37vstinnersetrecipients: + vstinner, benjamin.peterson, njs, asvetlov, yselivanov, yan12125, nanjekyejoannah, aeros
2019-11-12 21:23:37vstinnersetmessageid: <1573593817.68.0.993083803214.issue38692@roundup.psfhosted.org>
2019-11-12 21:23:37vstinnerlinkissue38692 messages
2019-11-12 21:23:37vstinnercreate