> Should it enable seccomp a bit later? Ideally it should be enabled as late as possible, right before the main loop, because here's no reason to whitelist syscalls that are only ever needed to start QEMU up (e.g. chroot, which is only used before the guest even boots). But for now, the simplest solution to the -chroot and -runas issue I can think of is to enable those syscalls in my patch.
- Re: [Qemu-devel] [PATCH] Add syscalls for -runas and -ch... namnamc
- Re: [Qemu-devel] [PATCH] Add syscalls for -runas an... namnamc
- Re: [Qemu-devel] [PATCH] Add syscalls for -runa... Markus Armbruster
- Re: [Qemu-devel] [PATCH] Add syscalls for -... Eduardo Otubo
