STINNER Victor <vstin...@python.org> added the comment:
> It seems like systemd-nspawn is just breaking everything: > https://sourceware.org/ml/libc-alpha/2019-11/msg00277.html Well, we can try to argue to not block syscalls, but I'm not sure that we can win such battle :-) For os.urandom(), I chose to handle EPERM as ENOSYS in bpo-27955. Extract of Python/bootstrap_hash.c: /* ENOSYS: the syscall is not supported by the kernel. EPERM: the syscall is blocked by a security policy (ex: SECCOMP) or something else. */ if (errno == ENOSYS || errno == EPERM) { getrandom_works = 0; return 0; } We can just skip the test if the syscall fails with EPERM. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue38692> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
