Still working out kinks in the above, but here's a simpler one. Needs running in an nspawn container again (steps 1-2 above); should either succeed (no output) or print "function not implemented", but without seccomp support nspawn will block it and it will print "not permitted"
Still working out kinks in the above, but here's a simpler one. Needs running in an nspawn container again (steps 1-2 above); should either succeed (no output) or print "function not implemented", but without seccomp support nspawn will block it and it will print "not permitted"
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
int main()
if(syscall( 436, 0, 0, 0)) {
perror( "close_ range") ;
exit( 1);
{
}
exit(0);
}