I have been in DevOps-related jobs for the past 6 years, dealing mainly with Kubernetes in AWS and on-premise as well. I spent quite a lot …
All syscalls
**Learn about syscalls and seccomp**
# Each and every syscall explained
```bash
# Look up the name of syscall number 35 in the kernel headers
grep -w 35 /usr/include/asm/unistd_64.h
# Output: #define __NR_nanosleep 35

# Create seccomp profiles in a "default" location
sudo mkdir -p /var/lib/kubelet/seccomp/profiles

# Allow every syscall, but log it
sudo tee /var/lib/kubelet/seccomp/profiles/audit.json <<'EOF'
{
  "defaultAction": "SCMP_ACT_LOG"
}
EOF

# Disable use of any syscall by default (every call fails with an errno)
sudo tee /var/lib/kubelet/seccomp/profiles/violation.json <<'EOF'
{
  "defaultAction": "SCMP_ACT_ERRNO"
}
EOF
```
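The two profiles and the header lookup above combine into a common workflow: run a workload under `audit.json`, resolve the logged syscall numbers to names, and emit a deny-by-default profile that allows only those. The script below is an added example, not part of the original post, and goes one step beyond it. The header excerpt and audit records are constructed samples, the function names are hypothetical, and the `architectures` and `syscalls` fields come from the standard seccomp profile JSON format rather than from this page.

```python
import json
import re

# Constructed excerpt of /usr/include/asm/unistd_64.h (x86_64 syscall numbers).
HEADER = """\
#define __NR_write 1
#define __NR_nanosleep 35
#define __NR_execve 59
#define __NR_exit_group 231
"""
# Constructed audit records, as logged for a container running under audit.json.
AUDIT_LOG = """\
type=SECCOMP msg=audit(1700000000.101:900): pid=4242 comm="sleep" sig=0 arch=c000003e syscall=59 compat=0 code=0x7ffc0000
type=SECCOMP msg=audit(1700000000.102:901): pid=4242 comm="sleep" sig=0 arch=c000003e syscall=35 compat=0 code=0x7ffc0000
type=SECCOMP msg=audit(1700000000.103:902): pid=4242 comm="sleep" sig=0 arch=c000003e syscall=231 compat=0 code=0x7ffc0000
type=SECCOMP msg=audit(1700000000.104:903): pid=4242 comm="sleep" sig=0 arch=c000003e syscall=999 compat=0 code=0x7ffc0000
type=SECCOMP msg=audit(1700000000.105:904): pid=4300 comm="old" sig=0 arch=40000003 syscall=35 compat=1 code=0x7ffc0000
"""
X86_64 = "c000003e"  # AUDIT_ARCH_X86_64; syscall numbers differ on other ABIs
RECORD = re.compile(r"type=SECCOMP\b.*\barch=([0-9a-f]+) syscall=(\d+)\b")

def parse_header(text):
    """Map syscall number -> name from '#define __NR_<name> <nr>' lines."""
    pairs = re.findall(r"^#define __NR_(\w+)\s+(\d+)\s*$", text, re.M)
    return {int(nr): name for name, nr in pairs}

def observed_syscalls(log, table):
    """Return (sorted names seen on x86_64, sorted numbers with no known name)."""
    names, unknown = set(), set()
    for line in log.splitlines():
        m = RECORD.search(line)
        if not m or m.group(1) != X86_64:
            continue  # not a seccomp record, or another ABI (e.g. i386)
        nr = int(m.group(2))
        if nr in table:
            names.add(table[nr])
        else:
            unknown.add(nr)  # surface it instead of silently dropping it
    return sorted(names), sorted(unknown)

def build_profile(names):
    """Deny by default (as in violation.json), allow only the observed syscalls."""
    return {"defaultAction": "SCMP_ACT_ERRNO", "architectures": ["SCMP_ARCH_X86_64"],
            "syscalls": [{"names": names, "action": "SCMP_ACT_ALLOW"}]}

if __name__ == "__main__":
    names, unknown = observed_syscalls(AUDIT_LOG, parse_header(HEADER))
    print(json.dumps(build_profile(names), indent=2))
    print("unresolved syscall numbers:", unknown)
```

A profile built this way covers only the code paths exercised while logging, so a rarely used path (error handling, shutdown) can still hit `SCMP_ACT_ERRNO` later.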