aboutsummaryrefslogtreecommitdiff
path: root/gnu/build
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2015-05-09 12:57:36 -0400
committerMark H Weaver <mhw@netris.org>2015-05-09 13:14:31 -0400
commit15f0de0581987c539f86012bf524559e283f5942 (patch)
tree4924bf91aec1b58c7bfa8a9bc258be21998e84b5 /gnu/build
parent57e95b261bf316caf784e74dd3f838a6ef59c344 (diff)
downloadgnu-guix-15f0de0581987c539f86012bf524559e283f5942.tar
gnu-guix-15f0de0581987c539f86012bf524559e283f5942.tar.gz
system: activate-ptrace-attach: Handle kernels without YAMA support.
* gnu/build/activation.scm (activate-ptrace-attach): Check for the existence of /proc/sys/kernel/yama/ptrace_scope before trying to write to it.
Diffstat (limited to 'gnu/build')
-rw-r--r--gnu/build/activation.scm8
1 files changed, 5 insertions, 3 deletions
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index 8697d9d16d..352e736050 100644
--- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -369,9 +369,11 @@ found in Linux 3.4 onward that prevents users from attaching to their own
processes--see Yama.txt in the Linux source tree for the rationale. This
sounds like an unacceptable restriction for little or no security
improvement."
- (call-with-output-file "/proc/sys/kernel/yama/ptrace_scope"
- (lambda (port)
- (display 0 port))))
+ (let ((file "/proc/sys/kernel/yama/ptrace_scope"))
+ (when (file-exists? file)
+ (call-with-output-file file
+ (lambda (port)
+ (display 0 port))))))
(define %current-system