1 |
Hi, |
2 |
I've two servers running with hardened-sources and GRSecurity + PAX |
3 |
enabled and anything went fine. Two other servers running |
4 |
hardened-sources with SELinux and GRSecurity + PAX I always get PAX |
5 |
errors when I want to install something through emerge. |
6 |
PAX: bytes at PC: <invalid address>. |
7 |
PAX: bytes at SP: 26c5598c 26c6ccd1 26c6c849 5af6b3b4 26c5597d 6f72702f |
8 |
6f6d2f63 73746e75 00000000 00000000 00000000 00000000 00000000 00000000 |
9 |
00000000 00000000 00000000 00000000 00000000 00000000 |
10 |
PAX: execution attempt in: <NULL>, 00000000-00000000 00000000 |
11 |
PAX: terminating task: /bin/chown(chown):22429, uid/euid: 0/0, PC: |
12 |
00000000, SP: 5a2056b8 |
13 |
The kernel options for GRSecurity + PAX are exactly the same on all 4 |
14 |
machines. If I try to chown and or chmod something on a SELinux machine |
15 |
directly through the root user anything went fine but an emerge process |
16 |
will always be derminated by PAX. |
17 |
>>> Source unpacked. |
18 |
/usr/lib/portage/bin/ebuild.sh: line 1882: 24732 Killed |
19 |
chown portage:portage "${T}/environment" >&/dev/null |
20 |
/usr/lib/portage/bin/ebuild.sh: line 1882: 2229 Killed |
21 |
chmod g+w "${T}/environment" >&/dev/null |
22 |
/usr/lib/portage/bin/ebuild.sh: line 1882: 20815 Killed |
23 |
chown portage:portage "${T}/environment" >&/dev/null |
24 |
/usr/lib/portage/bin/ebuild.sh: line 1882: 8785 Killed |
25 |
chmod g+w "${T}/environment" >&/dev/null |
26 |
>>> Test phase [not enabled]: app-misc/unisysmon-0.2.2 |
27 |
This happens with any ebuild I've tried in the last two weeks. From |
28 |
coreutils up to tar. |
29 |
Are there any known problems, suggestions? |
30 |
-Stefan |