| 1 |
On 05/30/2013 11:45 AM, Magnus Granberg wrote: |
| 2 |
> torsdag 30 maj 2013 11.13.45 skrev Anthony G. Basile: |
| 3 |
>> |
| 4 |
>> migrate-pax also will copy PT_PAX to XATTR_PAX flags identically with |
| 5 |
>> one exception, if PT_PAX = "-e---" then no user.pax.flags xattr is |
| 6 |
>> created. I am always thinking in terms of either PAX_PT_PAX_FLAGS xor |
| 7 |
>> PAX_XATTR_PAX_FLAGS is on, not both. When both are on, we fall back on |
| 8 |
>> what you describe. So I adopted the approach: don't copy "-e---" to |
| 9 |
>> XATTR_PAX and when you reboot into a PAX_PT_PAX_FLAGS=n and |
| 10 |
>> PAX_XATTR_PAX_FLAGS=y kernel, you'll get the desired behavior. |
| 11 |
>> |
| 12 |
>> A good approach or no? |
| 13 |
> To use xattr pax flags PAX_MARKINGS need to be set to XT in make.conf |
| 14 |
> else will portage default to PT when marking. |
| 15 |
|
| 16 |
Thanks Mangus for reminding us. We had to set the default portage |
| 17 |
behaviour to just doing PT_PAX markings because there were two |
| 18 |
remanining issues: 1) making sure that even gentoo-sources would |
| 19 |
preserve user.pax.flags on tmpfs and 2) fixing the default behavior of |
| 20 |
install which currently does not preserve xattrs. |
| 21 |
|
| 22 |
The former is solved. This was needed for people who switch back and |
| 23 |
forth between gentoo-sources and hardened-sources (there are a few, even |
| 24 |
I do sometimes). We don't want to loose XATTR_PAX flags when emerging |
| 25 |
with gentoo-sources. |
| 26 |
|
| 27 |
The latter is going to bump up against GNU standards. But I have a plan :) |
| 28 |
|
| 29 |
|
| 30 |
> Python need EMUTRAMP enable in the kernel with newer libffi and python |
| 31 |
> and have the E mark on the binary. |
| 32 |
> /Magnus |
| 33 |
> |
| 34 |
|
| 35 |
This is now on by default so a user has to deliberally turn off EMUTRAMP |
| 36 |
rather than vice versa. |
| 37 |
|
| 38 |
|
| 39 |
-- |
| 40 |
Anthony G. Basile, Ph. D. |
| 41 |
Chair of Information Technology |
| 42 |
D'Youville College |
| 43 |
Buffalo, NY 14201 |
| 44 |
(716) 829-8197 |
Archives