1 |
Hi! |
2 |
|
3 |
On Sat, Jun 07, 2014 at 11:48:53PM +0200, "Tóth Attila" wrote: |
4 |
> > Some time ago I noticed this in kernel logs: |
5 |
> > kern.alert: grsec: denied RWX mmap of <anonymous mapping> by |
6 |
> > /usr/lib64/python-exec/python2.7/layman[layman:9717] uid/euid:0/0 |
7 |
> > gid/egid:0/0, parent /bin/bash[sh:9695] uid/euid:0/0 gid/egid:0/0 |
8 |
> > Looks like it doesn't break layman, but I still wonder why it happens and |
9 |
> > is it possible to fix this (without paxmarking python, of course)? |
10 |
> I don't see this in my logs. The python executable has the "E" flag on my |
11 |
> systems. |
12 |
|
13 |
I've just re-emerged both pythons, here is flags: |
14 |
|
15 |
# paxctl-ng -v /usr/bin/python?.? |
16 |
/usr/bin/python2.7: |
17 |
PT_PAX : -e--- |
18 |
XATTR_PAX : -E--- |
19 |
|
20 |
/usr/bin/python3.3: |
21 |
PT_PAX : -e--- |
22 |
XATTR_PAX : -E--- |
23 |
|
24 |
Next, I've run eix-sync and get this in kernel log: |
25 |
|
26 |
2014-06-07_23:07:50.51597 kern.alert: grsec: denied RWX mmap of <anonymous mapping> by /usr/lib64/python-exec/python2.7/layman[layman:3854] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:3830] uid/euid:0/0 gid/egid:0/0 |
27 |
2014-06-07_23:07:50.82796 kern.alert: grsec: denied RWX mmap of <anonymous mapping> by /usr/bin/python3.3[emerge:3977] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:3830] uid/euid:0/0 gid/egid:0/0 |
28 |
2014-06-07_23:07:56.00097 kern.alert: grsec: denied RWX mmap of <anonymous mapping> by /usr/bin/python3.3[egencache:4009] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:3830] uid/euid:0/0 gid/egid:0/0 |
29 |
2014-06-07_23:07:56.39894 kern.alert: grsec: denied RWX mmap of <anonymous mapping> by /usr/bin/python3.3[egencache:4028] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:3830] uid/euid:0/0 gid/egid:0/0 |
30 |
|
31 |
# cat /etc/eix-sync.conf |
32 |
* |
33 |
@egencache --repo=powerman --update |
34 |
@egencache --repo=local --update |
35 |
|
36 |
-- |
37 |
WBR, Alex. |