Re: "CAP system call not allowed" for linux apllications
- In reply to: Konstantin Belousov : "Re: "CAP system call not allowed" for linux apllications"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 12 Jun 2026 17:59:02 UTC
Well, it looks like the next update ( currently it is HEAD at 1f68ca5802db ) has fixed this issue. Thank you On Wed, Jun 10, 2026 at 11:31 AM Konstantin Belousov <kostikbel@gmail.com> wrote: > > On Wed, Jun 10, 2026 at 09:19:14AM +0300, Oleg Nauman wrote: > > I have updated my CURRENT amd64 to c3d8aca1d43e and discovered that > > linux applications fail to run . > > It seems the failure reason is capsicum that blocks execution of linux > > syscalls, for example from ktrace/kdump output: > > > > CALL linux_socket(0x1,0x80001,0) > > CAP system call not allowed: linux_clock_gettime > > CAP system call not allowed: linux_socket > > RET linux_socket 8 > > CALL linux_clock_gettime 0 > > CALL linux_connect(0x8,0x7fffffffb450,0x14) > > CALL linux_clock_gettime(CLOCK_MONOTONIC,0x825829310) > > CAP system call not allowed: linux_connect > > CAP system call not allowed: linux_clock_gettime > > NAMI "" > > RET linux_connect -1 errno -88 Socket operation on non-socket > > RET linux_clock_gettime 0 > > CALL close(0x8) > > CALL linux_poll(0x8280054d0,0x2,0x6221) > > CAP system call not allowed: linux_poll > > CAP system call not allowed: close > > RET close 0 > > RET linux_poll 1 > > CALL linux_clock_gettime(CLOCK_MONOTONIC,0x825829300) > > CAP system call not allowed: linux_clock_gettime > > CALL linux_write(0x2,0x7fffffff92d0,0x2c) > > CAP system call not allowed: linux_write > > RET linux_clock_gettime 0 > > GIO fd 2 wrote 44 bytes > > "qt.qpa.xcb: could not connect to display :0 > > " > I cannot reproduce it, for me HEAD just worked. > > The trace above is also strange, if you look, the syscalls report > successful results, it looks like the 'CAP' records intervene out > of thin air. >