From 2945bcd79695ba02a347f0fbf0a2e6cb17f56fae Mon Sep 17 00:00:00 2001
From: Penny Zheng <penny.zheng@arm.com>
Date: Fri, 28 Feb 2020 05:07:27 +0000
Subject: [PATCH] FC: Removed redundant `--seccomp-level` jailer parameter

Firecracker has removed redundant `--seccomp-level` jailer parameter
since it can be simply forwarded to the Firecracker executable using
"end of command options" convention.
Related PR: https://github.com/firecracker-microvm/firecracker/pull/1491
Since kata is just using default seccomp level for firecracker, here
then we just removed the setting for jailer.

Fixes: #2504

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
---
 virtcontainers/fc.go | 1 -
 1 file changed, 1 deletion(-)

diff --git a/virtcontainers/fc.go b/virtcontainers/fc.go
index 807d09874..006da9679 100644
--- a/virtcontainers/fc.go
+++ b/virtcontainers/fc.go
@@ -361,7 +361,6 @@ func (fc *firecracker) fcInit(timeout int) error {
 		jailedArgs := []string{
 			"--id", fc.id,
 			"--node", "0", //FIXME: Comprehend NUMA topology or explicit ignore
-			"--seccomp-level", "2",
 			"--exec-file", fc.config.HypervisorPath,
 			"--uid", "0", //https://github.com/kata-containers/runtime/issues/1869
 			"--gid", "0",