diff options
author | Mark H Weaver <mhw@netris.org> | 2015-05-09 12:57:36 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2015-05-09 13:14:31 -0400 |
commit | 15f0de0581987c539f86012bf524559e283f5942 (patch) | |
tree | 4924bf91aec1b58c7bfa8a9bc258be21998e84b5 /gnu/build | |
parent | 57e95b261bf316caf784e74dd3f838a6ef59c344 (diff) | |
download | gnu-guix-15f0de0581987c539f86012bf524559e283f5942.tar gnu-guix-15f0de0581987c539f86012bf524559e283f5942.tar.gz |
system: activate-ptrace-attach: Handle kernels without YAMA support.
* gnu/build/activation.scm (activate-ptrace-attach): Check for the existence
of /proc/sys/kernel/yama/ptrace_scope before trying to write to it.
Diffstat (limited to 'gnu/build')
-rw-r--r-- | gnu/build/activation.scm | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm index 8697d9d16d..352e736050 100644 --- a/gnu/build/activation.scm +++ b/gnu/build/activation.scm @@ -369,9 +369,11 @@ found in Linux 3.4 onward that prevents users from attaching to their own processes--see Yama.txt in the Linux source tree for the rationale. This sounds like an unacceptable restriction for little or no security improvement." - (call-with-output-file "/proc/sys/kernel/yama/ptrace_scope" - (lambda (port) - (display 0 port)))) + (let ((file "/proc/sys/kernel/yama/ptrace_scope")) + (when (file-exists? file) + (call-with-output-file file + (lambda (port) + (display 0 port)))))) (define %current-system |