X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fnspawn%2Fnspawn.c;h=379ea92355e6f512c15b06ad04fcf3b66fd63f7e;hb=3302da4667640ac130956d8d90be7c39fb39222f;hp=089af078860bce50546cfb4ff5ac72893261bb3d;hpb=4fb7242cbbed0d865eb343548b8f0ee0fee71d85;p=elogind.git
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 089af0788..379ea9235 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -79,6 +79,10 @@
 #include "rtnl-util.h"
 #include "udev-util.h"
 
+#ifdef HAVE_SECCOMP
+#include "seccomp-util.h"
+#endif
+
 typedef enum LinkJournal {
 LINK_NO,
 LINK_AUTO,
@@ -1521,7 +1525,13 @@ static int audit_still_doesnt_work_in_containers(void) {
 if (!seccomp)
 return log_oom();
 
- r = seccomp_rule_add_exact(
+ r = seccomp_add_secondary_archs(seccomp);
+ if (r < 0 && r != -EEXIST) {
+ log_error("Failed to add secondary archs to seccomp filter: %s", strerror(-r));
+ goto finish;
+ }
+
+ r = seccomp_rule_add(
 seccomp,
 SCMP_ACT_ERRNO(EAFNOSUPPORT),
 SCMP_SYS(socket),
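Review bot: The switch from `seccomp_rule_add_exact()` to `seccomp_rule_add()` on the last added line of the second hunk makes this rule best-effort, and nothing in the code says so. libseccomp documents that the non-exact call may alter a rule for architecture specifics (multiplexed calls such as socket on x86), so on the secondary architectures added just above, any argument comparisons on this `socket` rule (they lie outside the hunk) may not be applied as written. A comment before the call would record that, for example `/* Not _exact: on secondary archs libseccomp may rewrite this socket() rule, so the audit block is best-effort there. */`. It would also help to say in one line why `-EEXIST` from `seccomp_add_secondary_archs()` is tolerated, since that helper's contract is not visible here. The body of audit_still_doesnt_work_in_containers() starts and ends outside the hunk.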