| 1 |
Hi, |
| 2 |
I've two servers running with hardened-sources and GRSecurity + PAX |
| 3 |
enabled and anything went fine. Two other servers running |
| 4 |
hardened-sources with SELinux and GRSecurity + PAX I always get PAX |
| 5 |
errors when I want to install something through emerge. |
| 6 |
PAX: bytes at PC: <invalid address>. |
| 7 |
PAX: bytes at SP: 26c5598c 26c6ccd1 26c6c849 5af6b3b4 26c5597d 6f72702f |
| 8 |
6f6d2f63 73746e75 00000000 00000000 00000000 00000000 00000000 00000000 |
| 9 |
00000000 00000000 00000000 00000000 00000000 00000000 |
| 10 |
PAX: execution attempt in: <NULL>, 00000000-00000000 00000000 |
| 11 |
PAX: terminating task: /bin/chown(chown):22429, uid/euid: 0/0, PC: |
| 12 |
00000000, SP: 5a2056b8 |
| 13 |
The kernel options for GRSecurity + PAX are exactly the same on all 4 |
| 14 |
machines. If I try to chown and or chmod something on a SELinux machine |
| 15 |
directly through the root user anything went fine but an emerge process |
| 16 |
will always be derminated by PAX. |
| 17 |
>>> Source unpacked. |
| 18 |
/usr/lib/portage/bin/ebuild.sh: line 1882: 24732 Killed |
| 19 |
chown portage:portage "${T}/environment" >&/dev/null |
| 20 |
/usr/lib/portage/bin/ebuild.sh: line 1882: 2229 Killed |
| 21 |
chmod g+w "${T}/environment" >&/dev/null |
| 22 |
/usr/lib/portage/bin/ebuild.sh: line 1882: 20815 Killed |
| 23 |
chown portage:portage "${T}/environment" >&/dev/null |
| 24 |
/usr/lib/portage/bin/ebuild.sh: line 1882: 8785 Killed |
| 25 |
chmod g+w "${T}/environment" >&/dev/null |
| 26 |
>>> Test phase [not enabled]: app-misc/unisysmon-0.2.2 |
| 27 |
This happens with any ebuild I've tried in the last two weeks. From |
| 28 |
coreutils up to tar. |
| 29 |
Are there any known problems, suggestions? |
| 30 |
-Stefan |
Archives