Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: Karl-Johan Karlsson <creideiki+gentoo-hardened@××××××××××.se>
To: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] XATTR_PAX, paxmark.sh, elog, icedtea, and maybe more
Date: Sun, 14 Dec 2014 15:09:41
Message-Id: 2812131.GtzgVrzNna@orley
In Reply to: Re: [gentoo-hardened] XATTR_PAX, paxmark.sh, elog, icedtea, and maybe more by "Rick \\\"Zero_Chaos\\\" Farina"
1 On Sat 13 Dec 2014 21.34.58 Rick Zero_Chaos Farina wrote:
2 > just to narrow it down, can you remove the ext3 modules (or just build
3 > it out of the kernel) and let the ext4 driver handle it? ext4
4 > filesystem driver handles ext2 and ext3, typically with much better results.
5
6 Would you look at that - that actually solved the problem. I can now set
7 XATTR_PAX flags markings on files in $PORTAGE_TMPDIR. Thanks!
8
9 I'll try to get around to setting up a VM with a bleeding-edge kernel to see
10 if this behaviour is still present, and if so report it as a bug.
11
12 One weird thing I noticed was that even though (some of) the binaries have
13 XATTR_PAX markings while in $PORTAGE_TMPDIR, none do after being merged to /:
14
15
16 # find /usr/lib64/icedtea7 -type f -name java | xargs -l paxctl-ng -v
17 /usr/lib64/icedtea7/bin/java:
18 PT_PAX : -em--
19 XATTR_PAX : not found
20
21 /usr/lib64/icedtea7/jre/bin/java:
22 PT_PAX : -em--
23 XATTR_PAX : not found
24
25
26 # cd $PORTAGE_TMPDIR && find . -type f -name java | xargs -l paxctl-ng -v
27 ./dev-java/icedtea-7.2.5.3/work/icedtea-2.5.3/openjdk.build-boot/j2re-
28 image/bin/java:
29 PT_PAX : -em--
30 XATTR_PAX : not found
31
32 ./dev-java/icedtea-7.2.5.3/work/icedtea-2.5.3/openjdk.build-boot/bin/java:
33 PT_PAX : -em--
34 XATTR_PAX : -em--
35
36 ./dev-java/icedtea-7.2.5.3/work/icedtea-2.5.3/openjdk.build-boot/j2sdk-server-
37 image/bin/java:
38 PT_PAX : -em--
39 XATTR_PAX : not found
40
41 ./dev-java/icedtea-7.2.5.3/work/icedtea-2.5.3/openjdk.build-boot/j2sdk-server-
42 image/jre/bin/java:
43 PT_PAX : -em--
44 XATTR_PAX : not found
45
46 ./dev-java/icedtea-7.2.5.3/work/icedtea-2.5.3/openjdk.build-boot/j2sdk-
47 image/bin/java:
48 open(O_RDWR) failed: cannot change PT_PAX flags
49 PT_PAX : -em--
50 XATTR_PAX : -em--
51
52 ./dev-java/icedtea-7.2.5.3/work/icedtea-2.5.3/openjdk.build-boot/j2sdk-
53 image/jre/bin/java:
54 PT_PAX : -em--
55 XATTR_PAX : -em--
56
57 ./dev-java/icedtea-7.2.5.3/work/icedtea-2.5.3/openjdk.build/bin/java:
58 PT_PAX : -em--
59 XATTR_PAX : -em--
60
61 --
62 Karl-Johan Karlsson

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups