wader/disable_sendfile_vbox_linux

Permission denied

cjauvin opened this issue · 4 comments

This works well on my Vagrant Ubuntu box, but in order to prevent this error:

WARNING: disable sendfile FAILED r1=18446744073709551615 r2=0 permission denied

I have to run my Go program using sudo:

$ sudo env PATH=$PATH GOPATH=$GOPATH go run ..

wader commented

Hi, can you try to add this just before the seccomp syscall:

// for some reason not defined for some archs in syscall package
// https://github.com/torvalds/linux/blob/master/include/uapi/linux/prctl.h
const PR_SET_NO_NEW_PRIVS = 38

if r1, r2, errno :=
	syscall.Syscall(
		uintptr(syscall.SYS_PRCTL),
		uintptr(PR_SET_NO_NEW_PRIVS),
		uintptr(1),
		uintptr(0)); errno != 0 {
	fmt.Printf("WARNING: prctl PR_SET_NO_NEW_PRIVS FAILED r1=%d r2=%d %v\n", r1, r2, errno)
	return
}

That seems to work for me.
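An added example, not part of the thread and not code from this repository: the kernel lets an unprivileged thread install a seccomp filter only if its no_new_privs bit is set (otherwise CAP_SYS_ADMIN is required), and that bit is per thread, so in Go the goroutine has to be pinned to its OS thread before setting it. The helper names `enableNoNewPrivs` and `noNewPrivs` are hypothetical, and `PR_GET_NO_NEW_PRIVS = 39` is taken from the same prctl.h; Linux only.

```go
package main

import (
	"fmt"
	"os"
	"runtime"
	"syscall"
)

// Values from include/uapi/linux/prctl.h; the syscall package does not
// export them on every architecture.
const (
	prSetNoNewPrivs = 38
	prGetNoNewPrivs = 39
)

// noNewPrivs returns the calling thread's no_new_privs bit (0 or 1).
// (Hypothetical helper name, added for this example.)
func noNewPrivs() (int, error) {
	r1, _, errno := syscall.Syscall6(syscall.SYS_PRCTL, prGetNoNewPrivs, 0, 0, 0, 0, 0)
	if errno != 0 {
		return -1, fmt.Errorf("prctl PR_GET_NO_NEW_PRIVS: %w", errno)
	}
	return int(r1), nil
}

// enableNoNewPrivs pins the goroutine to its OS thread, sets no_new_privs
// and reads the bit back. The thread is left locked on purpose: the seccomp
// filter must be installed from this same goroutine, because a goroutine
// that migrates could land on an older thread that does not have the bit.
// (Hypothetical helper name, added for this example.)
func enableNoNewPrivs() (int, error) {
	runtime.LockOSThread()
	// The kernel rejects the call with EINVAL unless arg2 is 1 and arg3..arg5 are 0.
	if _, _, errno := syscall.Syscall6(syscall.SYS_PRCTL, prSetNoNewPrivs, 1, 0, 0, 0, 0); errno != 0 {
		return -1, fmt.Errorf("prctl PR_SET_NO_NEW_PRIVS: %w", errno)
	}
	return noNewPrivs()
}

func main() {
	v, err := enableNoNewPrivs()
	if err != nil {
		fmt.Fprintln(os.Stderr, "WARNING:", err)
		os.Exit(1)
	}
	fmt.Println("no_new_privs =", v)
}
```

The bit cannot be cleared once set and is inherited by threads and child processes created afterwards, so execve of a setuid binary from that point on no longer grants extra privileges.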

wader commented

Nice if it works, as then you would not need --cap-add=SYS_ADMIN when using it with Docker.

Hi, yes: it seems to work for me as well, thanks!

wader commented

@cjauvin Nice! Thanks for the report!