On Fri, Nov 22, 2013 at 11:00:24AM -0500, Paul Moore wrote: > > Developers will only be happy with seccomp if it's easy and rewarding to > > support/debug. > > Agreed. > > As a developer, how do you feel about the audit/syslog based approach I > mentioned earlier?
I used the commands you posted (I think that's what you mean). They produce useful output. The problem is that without an error message on stderr or from the shell, no one will think "QEMU process dead and hung == check seccomp" immediately. It's frustrating to deal with a "silent" failure. Stefan
