Thanks to visit codestin.com
Credit goes to github.com

Skip to content

unable to load seccomp BPF program: Invalid argument #41

New issue
New issue
Open
Open
unable to load seccomp BPF program: Invalid argument#41
@bohendo

Description

@bohendo
bohendo
opened on Nov 17, 2022

Progress:

  • I got the lnl7/nix:ssh docker container running w/out any issues
  • I'm able to access the docker container via either ssh local-linux or sudo ssh local-linux
  • I'm using nix-darwin & configured the remote builder like so:
  nix.settings.allowed-users = [ "root" "bohendo" ];
  nix.settings.trusted-users = [ "root" "bohendo" ];
  nix.distributedBuilds = true;
  nix.buildMachines = [{
    hostName = "local-linux";
    sshKey = "/tmp/nix/insecure_rsa";
    sshUser = "root";
    system = "x86_64-linux";
  }];
  nix.extraOptions = ''
    experimental-features = nix-command flakes
  '';

And when I try to run the test command at the end of the readme, I get the following:

$ nix-build -E 'with import <nixpkgs> { system = "x86_64-linux"; }; hello.overrideAttrs (drv: { REBUILD = builtins.currentTime; })'
this derivation will be built:
  /nix/store/zaz9ii7hy0rf37jdfa0yqf4yddqzshfh-hello-2.12.1.drv
this path will be fetched (0.99 MiB download, 0.99 MiB unpacked):
  /nix/store/pa10z4ngm0g83kx9mssrqzz30s84vq7k-hello-2.12.1.tar.gz
copying path '/nix/store/pa10z4ngm0g83kx9mssrqzz30s84vq7k-hello-2.12.1.tar.gz' from 'https://cache.nixos.org'...
building '/nix/store/zaz9ii7hy0rf37jdfa0yqf4yddqzshfh-hello-2.12.1.drv' on 'ssh://root@local-linux'...
copying 1 paths...
copying path '/nix/store/pa10z4ngm0g83kx9mssrqzz30s84vq7k-hello-2.12.1.tar.gz' to 'ssh://root@local-linux'...
error: build of '/nix/store/zaz9ii7hy0rf37jdfa0yqf4yddqzshfh-hello-2.12.1.drv' on 'ssh://root@local-linux' failed: while setting up the build environment: unable to load seccomp BPF program: Invalid argument
error: builder for '/nix/store/zaz9ii7hy0rf37jdfa0yqf4yddqzshfh-hello-2.12.1.drv' failed with exit code 1

I found a related issue that suggested setting filter-syscalls = false but this option doesn't appear to exist anymore. Even if it did, I'd rather provide a valid argument than disable important safety features. One comment suggested it might be bug in docker so maybe it's something that this repo's docker container could fix? I'm not really sure how to proceed.

  • system: "aarch64-darwin"
  • host os: Darwin 22.1.0, macOS 13.0.1
  • multi-user?: yes
  • sandbox: no
  • version: nix-env (Nix) 2.10.3
  • channels(bohendo): "darwin, nixpkgs"
  • channels(root): "nixpkgs"
  • nixpkgs: /Users/bohendo/.nix-defexpr/channels/nixpkgs

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions