1 |
On Fri, Mar 30, 2012 at 07:13:38PM +0200, Ђорђе Тодоровић wrote: |
2 |
> I am currently trying to run: net-im/skype on an amd64 non-multilib hardened |
3 |
> profile. I have grsec and pax enabled in kernel (.config in attachment), and I |
4 |
> am aware of this bug: [1], I am also aware that Skype is masked on hardened |
5 |
> profiles, but, while reading the bug report I saw mentions of some people |
6 |
> actually getting Skype to run on their machines. |
7 |
> |
8 |
> When I try to run Skype, it dies with the message: "Killed!" |
9 |
> dmesg says: |
10 |
> "[98725.282864] grsec: denied RWX mmap of /opt/skype/skype by /opt/skype/skype[skype:19989] uid/euid:1000/1000 gid/egid:100/100, parent /bin/bash[bash:19519] uid/euid:1000/1000 gid/egid:100/100" |
11 |
> |
12 |
> I tried using paxctl on $(which skype) but I get: |
13 |
> "file /usr/bin/skype is not a valid ELF executable" |
14 |
|
15 |
You can try to make it a valid ELF header first, and then paxmark it. |
16 |
|
17 |
I have the following for my Skype: |
18 |
paxctl -C /opt/skype/skype |
19 |
paxctl -me /opt/skype/skype |
20 |
|
21 |
Wkr, |
22 |
Sven Vermeulen |