Don't attempt to generate Seccomp filter file in Linux < 4.14.

Only Linux 4.14 and later contain the required support for SECCOMP_RET_KILL_PROCESS. * lib-src/Makefile.in (SECCOMP_FILTER): Define only if we run at least Linux 4.14.
2021-04-11 19:35:39 +02:00 · 2021-04-11 19:35:39 +02:00 · 9a57897ea1
commit 9a57897ea1
parent ea5ea09244
1 changed files with 6 additions and 0 deletions
--- a/lib-src/Makefile.in
+++ b/lib-src/Makefile.in
@ -196,9 +196,15 @@ LIBSECCOMP_CFLAGS=@LIBSECCOMP_CFLAGS@
 # Currently, we can only generate seccomp filter files for x86-64.
 ifeq ($(HAVE_LIBSECCOMP),yes)
 ifeq ($(shell uname -m),x86_64)
+# We require SECCOMP_RET_KILL_PROCESS, which is only available in
+# Linux 4.14 and later.
+ifeq ($(shell { echo 4.14; uname -r | cut -d . -f 1-2; } | \
+              sort -C -t . -n -k 1,1 -k 2,2 && \
+              echo 1),1)
 SECCOMP_FILTER=1
 endif
 endif
+endif

 ifeq ($(SECCOMP_FILTER),1)
 DONT_INSTALL += seccomp-filter$(EXEEXT)