post image January 6, 2022 | 1 min Read

All syscalls

**Learn about syscalls and seccomp''

# Each and every syscall explained
grep -w 35 /usr/include/asm/unistd_64.h 
#define __NR_nanosleep 35

# Create seccomp profiles in a "default" location
sudo mkdir -p /var/lib/kubelet/seccomp/profiles
sudo touch  /var/lib/kubelet/seccomp/profiles/audit.json
sudo touch  /var/lib/kubelet/seccomp/profiles/violation.json

# Allow logging
sudo cat   /var/lib/kubelet/seccomp/profiles/audit.json
    "defaultAction": "SCMP_ACT_LOG"

# Disable use of any syscall by default

sudo cat   /var/lib/kubelet/seccomp/profiles/violation.json
    "defaultAction": "SCMP_ACT_ERRNO"

author image

Jan Toth

I have been in DevOps related jobs for past 6 years dealing mainly with Kubernetes in AWS and on-premise as well. I spent quite a lot …

comments powered by Disqus