snap run --strace can't find setpriority on (at least 4.4)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
snapd |
Confirmed
|
Low
|
Unassigned |
Bug Description
In investigating a different issue, I ran this on bionic and newer:
$ sudo snap install test-snapd-tools
$ sudo snap run --strace test-snapd-
[pid 28394] setpriority(
which is the expected output.
# xenial
I then tried on xenial and got different behavior:
$ sudo snap install test-snapd-tools
$ sudo snap run --strace test-snapd-
$
Ie, strace didn't report the setpriority syscall. I then looked at the full strace and found that strace couldn't find setpriority (strace will prefix syscall_ with a hex value when it can't find the syscall, as per its man page):
[pid 5770] syscall_
Note, this 184467440737095
If I use the old method of stracing described in https:/
$ sudo strace -e '!select,
[pid 5875] syscall_
However, it does if I just call strace directly on the command outside of snap run:
$ sudo strace -- nice -n -10 uptime 2>&1 | grep -E '(syscall_
setpriority(
# trusty
On trusty with the 4.4 linux-generic-
$ sudo snap run --strace test-snapd-
/usr/bin/strace: invalid system call '_newselect'
error: exit status 1
Using the old way without _newselect strace doesn't report it at all (just see the write() that nice failed but no syscall_* or sepriority).
Stracing nice outside of the snap command has strace finding setpriority:
$ sudo strace -e '!select,
setpriority(
Please note in all Ubuntu releases the setpriority call was correctly mediated; it is just that on xenial and trusty the strace output was mysterious.
Looking at the versions of strace, xenial has 4.11, trusty 4.8 and bionic 4.21. Upstream is very active: https:/ /github. com/strace/ strace/ commits/ v4.21 but while bionic has 4.21, if I remove strace from xenial and snap install strace-static --edge, I get 4.23 and similar behavior, so there is something more going on:
$ sudo snap run --strace test-snapd- tools.cmd nice -n -10 uptime 2>&1 | grep syscall 0xfffffffffffff fff(0, 0, 0xfffffff6, 0x865, 0, 0x1999999999999999) = -1 EPERM (Operation not permitted)
[pid 6358] syscall_