Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

unable to load seccomp BPF program: Invalid argument #41

Open
bohendo opened this issue Nov 17, 2022 · 1 comment
Open

unable to load seccomp BPF program: Invalid argument #41

bohendo opened this issue Nov 17, 2022 · 1 comment

Comments

@bohendo
Copy link

bohendo commented Nov 17, 2022

Progress:

  • I got the lnl7/nix:ssh docker container running w/out any issues
  • I'm able to access the docker container via either ssh local-linux or sudo ssh local-linux
  • I'm using nix-darwin & configured the remote builder like so:
  nix.settings.allowed-users = [ "root" "bohendo" ];
  nix.settings.trusted-users = [ "root" "bohendo" ];
  nix.distributedBuilds = true;
  nix.buildMachines = [{
    hostName = "local-linux";
    sshKey = "/tmp/nix/insecure_rsa";
    sshUser = "root";
    system = "x86_64-linux";
  }];
  nix.extraOptions = ''
    experimental-features = nix-command flakes
  '';

And when I try to run the test command at the end of the readme, I get the following:

$ nix-build -E 'with import <nixpkgs> { system = "x86_64-linux"; }; hello.overrideAttrs (drv: { REBUILD = builtins.currentTime; })'
this derivation will be built:
  /nix/store/zaz9ii7hy0rf37jdfa0yqf4yddqzshfh-hello-2.12.1.drv
this path will be fetched (0.99 MiB download, 0.99 MiB unpacked):
  /nix/store/pa10z4ngm0g83kx9mssrqzz30s84vq7k-hello-2.12.1.tar.gz
copying path '/nix/store/pa10z4ngm0g83kx9mssrqzz30s84vq7k-hello-2.12.1.tar.gz' from 'https://cache.nixos.org'...
building '/nix/store/zaz9ii7hy0rf37jdfa0yqf4yddqzshfh-hello-2.12.1.drv' on 'ssh://root@local-linux'...
copying 1 paths...
copying path '/nix/store/pa10z4ngm0g83kx9mssrqzz30s84vq7k-hello-2.12.1.tar.gz' to 'ssh://root@local-linux'...
error: build of '/nix/store/zaz9ii7hy0rf37jdfa0yqf4yddqzshfh-hello-2.12.1.drv' on 'ssh://root@local-linux' failed: while setting up the build environment: unable to load seccomp BPF program: Invalid argument
error: builder for '/nix/store/zaz9ii7hy0rf37jdfa0yqf4yddqzshfh-hello-2.12.1.drv' failed with exit code 1

I found a related issue that suggested setting filter-syscalls = false but this option doesn't appear to exist anymore. Even if it did, I'd rather provide a valid argument than disable important safety features. One comment suggested it might be bug in docker so maybe it's something that this repo's docker container could fix? I'm not really sure how to proceed.

  • system: "aarch64-darwin"
  • host os: Darwin 22.1.0, macOS 13.0.1
  • multi-user?: yes
  • sandbox: no
  • version: nix-env (Nix) 2.10.3
  • channels(bohendo): "darwin, nixpkgs"
  • channels(root): "nixpkgs"
  • nixpkgs: /Users/bohendo/.nix-defexpr/channels/nixpkgs
cameronraysmith added a commit to cameronraysmith/nixpod that referenced this issue Sep 11, 2023
- arm64 build fails with docker/build-push-action@v4
- NixOS/nix#5258
- LnL7/nix-docker#41
cameronraysmith added a commit to cameronraysmith/nixpod that referenced this issue Sep 11, 2023
- arm64 build fails with docker/build-push-action@v4
- NixOS/nix#5258
- LnL7/nix-docker#41
@Sleepful
Copy link

I had to

RUN echo "filter-syscalls = false" >> /etc/nix/nix.conf

Related: NixOS/nix#5258

mohsenari added a commit to jetify-com/devbox that referenced this issue Feb 15, 2024
## Summary
This fix is due to customer message in discord mentioning the launcher
having old version.
Nix installation in `docker-image-build-publish` workflow was failing
for root-user mode.
This PR fixes it.
The fix was based on recommendation from
LnL7/nix-docker#41 (comment)

## How was it tested?
https://github.com/jetpack-io/devbox/actions/runs/7893709911
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants