summary refs log tree commit diff
path: root/gnu/build/activation.scm
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2015-05-09 12:57:36 -0400
committerMark H Weaver <mhw@netris.org>2015-05-09 13:14:31 -0400
commit15f0de0581987c539f86012bf524559e283f5942 (patch)
tree4924bf91aec1b58c7bfa8a9bc258be21998e84b5 /gnu/build/activation.scm
parent57e95b261bf316caf784e74dd3f838a6ef59c344 (diff)
downloadguix-15f0de0581987c539f86012bf524559e283f5942.tar.gz
system: activate-ptrace-attach: Handle kernels without YAMA support.
* gnu/build/activation.scm (activate-ptrace-attach): Check for the existence
  of /proc/sys/kernel/yama/ptrace_scope before trying to write to it.
Diffstat (limited to 'gnu/build/activation.scm')
-rw-r--r--gnu/build/activation.scm8
1 files changed, 5 insertions, 3 deletions
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index 8697d9d16d..352e736050 100644
--- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -369,9 +369,11 @@ found in Linux 3.4 onward that prevents users from attaching to their own
 processes--see Yama.txt in the Linux source tree for the rationale.  This
 sounds like an unacceptable restriction for little or no security
 improvement."
-  (call-with-output-file "/proc/sys/kernel/yama/ptrace_scope"
-    (lambda (port)
-      (display 0 port))))
+  (let ((file "/proc/sys/kernel/yama/ptrace_scope"))
+    (when (file-exists? file)
+      (call-with-output-file file
+        (lambda (port)
+          (display 0 port))))))
 
 
 (define %current-system