Hi, Short intro, using hardened all ~x86 system. For a second time try to use glibc-2.3.4-20050125, previous attempt failed due to same issue (no locales). Now emerged glibc-2.3.4-20050125-r1 same thing, locales -a reports only C & POSIX. Glibc-20041102 works OK on same system. During emerge saw some strange messages as this:
    ...
    done
    nl_NL.ISO-8859-15@euro.../bin/sh: line 1: 18881 Killed I18NPATH=. GCONV_PATH=/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/iconvdata LC_ALL=C /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf/ld.so --library-path /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/math:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/dlfcn:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nss:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nis:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/rt:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/resolv:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/crypt:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nptl /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/locale/localedef --no-archive --alias-file=../intl/locale.alias -i locales/$input -c -f charmaps/$charset --prefix=/var/tmp/portage/glibc-2.3.4.20050125-r1/image/ $locale
    done
    nn_NO.UTF-8.../bin/sh: line 1: 18196 Killed I18NPATH=. GCONV_PATH=/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/iconvdata LC_ALL=C /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf/ld.so --library-path /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/math:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/dlfcn:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nss:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nis:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/rt:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/resolv:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/crypt:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nptl /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/locale/localedef --no-archive --alias-file=../intl/locale.alias -i locales/$input -c -f charmaps/$charset --prefix=/var/tmp/portage/glibc-2.3.4.20050125-r1/image/ $locale
    done
    nn_NO.ISO-8859-1.../bin/sh: line 1: 12758 Killed I18NPATH=. GCONV_PATH=/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/iconvdata LC_ALL=C /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf/ld.so --library-path /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/math:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/dlfcn:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nss:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nis:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/rt:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/resolv:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/crypt:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nptl /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/locale/localedef --no-archive --alias-file=../intl/locale.alias -i locales/$input -c -f charmaps/$charset --prefix=/var/tmp/portage/glibc-2.3.4.20050125-r1/image/ $locale
    done
    oc_FR.ISO-8859-1.../bin/sh: line 1: 27694 Killed I18NPATH=. GCONV_PATH=/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/iconvdata LC_ALL=C /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf/ld.so --library-path /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/math:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/dlfcn:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nss:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nis:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/rt:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/resolv:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/crypt:/var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/nptl /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/locale/localedef --no-archive --alias-file=../intl/locale.alias -i locales/$input -c -f charmaps/$charset --prefix=/var/tmp/portage/glibc-2.3.4.20050125-r1/image/ $locale
    done
    ...
So some processes are killed, might be some hardened issue (grsec2+PaX). Later will give more info, if any. Thanks Rumen
Reproducible: Always
Steps to Reproduce: 1. 2. 3.
    Gentoo Base System version 1.6.10
    Portage 2.0.51.19 (default-linux/x86/2004.3, gcc-3.4.3, glibc-2.3.4.20050125-r1, 2.6.11-hardened-r1 i686)
    =================================================================
    System uname: 2.6.11-hardened-r1 i686 AMD Athlon(tm) XP 2200+
    Python: dev-lang/python-2.4-r2,dev-lang/python-2.3.4-r1 [2.4 (#2, Feb 8 2005, 19:45:38)]
    ccache version 2.4 [enabled]
    dev-lang/python: 2.4-r2, 2.3.4-r1
    sys-devel/autoconf: 2.59-r6, 2.13
    sys-devel/automake: 1.7.9-r1, 1.8.5-r3, 1.5, 1.4_p6, 1.6.3, 1.9.5
    sys-devel/binutils: 2.15.92.0.2-r6
    sys-devel/libtool: 1.5.14
    virtual/os-headers: 2.6.8.1-r2
    ACCEPT_KEYWORDS="x86 ~x86"
    AUTOCLEAN="yes"
    CFLAGS="-march=i686 -O2 -pipe -fomit-frame-pointer"
    CHOST="i686-pc-linux-gnu"
    CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/alias /var/qmail/control"
    CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
    CXXFLAGS="-march=i686 -O2 -pipe -fomit-frame-pointer"
    DISTDIR="/var/portage/distfiles"
    FEATURES="autoaddcvs autoconfig ccache collision-protect distlocks gpg sandbox sfperms"
    GENTOO_MIRRORS="http://gentoo.itdnet.net/gentoo http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ http://ftp.easynet.nl/mirror/gentoo/ http://gentoo.oregonstate.edu http://mirror.datapipe.net/gentoo"
    LANG="bg_BG.UTF-8"
    LC_ALL="C"
    LDFLAGS="-Wl,-O1"
    MAKEOPTS="-j2"
    PKGDIR="/var/portage/packages"
    PORTAGE_TMPDIR="/var/tmp"
    PORTDIR="/var/portage"
    PORTDIR_OVERLAY="/usr/local/portage"
    SYNC="rsync://rsync.gentoo.org/gentoo-portage"
    USE="x86 3dnow X X509 aac aalib acl acpi alsa apache2 avi bash-completion berkdb bitmap-fonts caps cdr chroot clamav crypt cups curl directfb dvd dvdr emboss encode esd evo ffmpeg flac font-server foomaticdb fortran freetype gd gdbm gif gphoto2 gpm gstreamer gtk gtk2 guile hardened hardenedphp imagemagick imap imlib ipv6 java javascript jpeg junit kdexdeltas ldap libg++ libwww mad maildir matroska mikmod mmx motif mp3 mpeg mpeg4 mysql ncurses nls nptl nptlonly nvidia oggvorbis opengl oss pam pdflib perl pic pie png postgres ppds prelude python qt quicktime readline samba sdl skey slang snmp speex spell sse ssl svg svga symlink tcltk tcpd tetex theora threads tiff transcode truetype truetype-fonts type1-fonts unicode usb xml xml2 xmms xv xvid zlib linguas_bg linguas_en"
    Unset: ASFLAGS, CBUILD, CTARGET
what did dmesg say after it was Killed?
Hi, Strange thing was that this 'kill' message is in the logs only, really the build process goes on and finishes OK. Maybe it just can't build the locales or zero-size. Only afterwards when starting/using glibc there are no other locales except the defaults, otherwise glibc works wonderfully (just missing the locales). Will recompile glibc-20050125-r1 again as I went back to glibc-20041102, needed it to use BG-locales. Will report later when re-emerge glibc-10050125-r1. Another tip, a week or more ago (when glibc-10050125 went out) tried it too with same result, no locales, but the binary was only around 10MB, while 20041102 & 20050125-r1 are around 16/15MB. Now checking: have many locale files with <>0 sizes (root:root owned) in /usr/share/i18n/locales dir. Can't give any more info now. PS: think of trying to switch off shared-memory protection in grsec (recompile kernel), have many problems (seems so) with it ON, mozilla other apps. Thanks Rumen
Same problem here, seems to be hardened related: I have this problem only on my hardened machine:
=================8<=================
Portage 2.0.51.19 (hardened/x86/2.6, gcc-3.4.3, glibc-2.3.4.20050125-r1, 2.6.11-xwing i686)
=================================================================
System uname: 2.6.11-xwing i686 Intel(R) Celeron(R) CPU 2.53GHz
Gentoo Base System version 1.6.10
Python: dev-lang/python-2.3.5 [2.3.5 (#1, Feb 17 2005, 23:18:59)]
dev-lang/python: 2.3.5
sys-devel/autoconf: 2.59-r6, 2.13
sys-devel/automake: 1.7.9-r1, 1.8.5-r3, 1.5, 1.4_p6, 1.6.3, 1.9.5
sys-devel/binutils: 2.15.92.0.2-r6
sys-devel/libtool: 1.5.14
virtual/os-headers: 2.6.8.1-r2
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CFLAGS="-march=pentium4 -O2 -mtune=pentium4 -fomit-frame-pointer -ffast-math -funroll-loops -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/bind /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-march=pentium4 -O2 -mtune=pentium4 -fomit-frame-pointer -ffast-math -funroll-loops -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig buildsyspkg candy ccache distlocks sandbox userpriv usersandbox"
GENTOO_MIRRORS="http://mirror.switch.ch/ftp/mirror/gentoo/ http://ftp.gentoo.skynet.be/pub/gentoo/ http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/"
LC_ALL="fr_FR@euro"
MAKEOPTS="-j2"
PKGDIR="/usr/portage//packages/x86/"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage/"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://r2d2.v6.xwing.info/gentoo-portage"
USE="X509 acl acpi acpi4linux apache2 bash-completion berkdb clamav crypt curl dba dga distribution dlloader dnd dvd extensions fbcon freetype fs gd gdbm gif gpm hardened hardenedphp idled imagemagick imap imlib2 ipv6 jpeg maildir md5sum mmx mysql ncurses network nls nptl nptlonly nvidia ofx pam perl php pic pie png print python readline rrdtool samba sasl slang spell sqlite sse sse2 ssl tcpd tiff truetype truetype-fonts type1 type1-fonts unicode usb userlocales x86 xml2 zlib"
Unset: ASFLAGS, CBUILD, CTARGET, LANG, LDFLAGS
=================8<=================
Found this in my log:
===============8<================
Mar 17 01:09:09 xwing PAX: From 127.0.0.6: execution attempt in: <anonymous mapping>, 59ec6000-59ede000 59ec6000
Mar 17 01:09:09 xwing PAX: terminating task: /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf/ld.so(ld.so):27785, uid/euid: 0/0, PC: 59ed9eb0, SP: 59ed9cb4
Mar 17 01:09:09 xwing PAX: bytes at PC: b9 40 a4 ed 59 e9 3a e3 19 ae 09 08 06 00 00 00 0a 00 00 00
Mar 17 01:09:09 xwing PAX: bytes at SP: 08078f49 00000001 1805b388 00000000 22789aca 2278795a 00000001 00000054 00000058 0000005c 0000045c 00000a6c 00000a70 00000a74 00000a74 00000a74 00000a74 180bc9e8 00000010 180bca70
===============8<===============
There is one set of messages like this for each locale. Perhaps building locales should be done using system's ld.so since it's the only one that can execute segments in write mode...
I built my glibc with this trick: Made a screen and ran the ebuild to compile and then install the stuff:
    # screen -U
    # ebuild /usr/portage/sys-libs/glibc/glibc-2.3.4.20050125-r1.ebuild install
Before the locales build I get out of the screen session, and run these:
    # paxctl -pemrsx /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/elf/ld.so
    # paxctl -pemrsx /var/tmp/portage/glibc-2.3.4.20050125-r1/work/build-default-i686-pc-linux-gnu-nptl/locale/localedef
And I go back to the screen session and make a package and install it:
    # screen -r
    # ebuild /usr/portage/sys-libs/glibc/glibc-2.3.4.20050125-r1.ebuild package
    # emerge -u glibc -K
And then don't forget to delete the /var/tmp/portage/glibc-2.3.4.20050125-r1 dir!
Same problems here (bug #82106#c32 for more details)
*** Bug 90590 has been marked as a duplicate of this bug. ***
FYI I still see this at least with sys-libs/glibc-2.3.3.20040420-r2 on my sparc but as far as I remember also with another x86 system. I use a primitive shell script to work around the problem:
    # nice ./paxfix.sh &
then
    # emerge glibc
and afterwards stop the paxfix.sh
paxfix.sh:
-----------------------------------------
#!/bin/bash
# plain stupid glibc PaX fix. dsy
pkg="glibc-2.3.3.20040420-r2"
files="/var/tmp/portage/${pkg}/work/build-default-i686-pc-linux-gnu-nptl/locale/localedef /var/tmp/portage/${pkg}/build-default-i686-pc-linux-gnu-nptl/elf/ld.so"
while true ; do
  sleep 1
  for file in ${files} ; do
    if [ -e $file ] ; then
      paxctl -pemrsx $file
      logger "NOTE: glibc PaX compile fix applied!"
    fi
  done
done
-----------------------------
Silly me, just forget the shell script, it currently does not work. (there's an error in the "for loop/if exist" logic...)
glibc 2.3.5 went stable on my hardened x86 system and this bug bit me. For example running locale gives me:
    betelgeuse@aria ~/irclogs/quakenet $ locale
    locale: Cannot set LC_MESSAGES to default locale: No such file or directory
    locale: Cannot set LC_ALL to default locale: No such file or directory
    LANG=
    LC_CTYPE="en_US.utf8"
and the rest normally
*** Bug 99400 has been marked as a duplicate of this bug. ***
Can you please try glibc-2.3.5-r1. I just committed a change that should re-add a patch that was accidentally dropped during a version bump (1040_all_2.3.3-localedef-fix-trampoline.patch). solar said this patch should fix the problem. Make sure the ebuild has PATCH_VER="1.6" in it.
(In reply to comment #12)
> Can you please try glibc-2.3.5-r1. I just committed a change that should re-add
> a patch that was accidentally dropped during a version bump
> (1040_all_2.3.3-localedef-fix-trampoline.patch). solar said this patch should
> fix the problem. Make sure the ebuild has PATCH_VER="1.6" in it.
This seems to fix the problem. ebuild install completes and there are no entries in syslog.
Hi, From my side it's a pity but I can't test this as I'm not using a "hardened" system any more, but a great thanks to all for your work. PS: assume some dev will close the BUG after proper testing done? Rumen
(In reply to comment #12)
> I just committed a change that should re-add
> a patch that was accidentally dropped during a version bump
thanks Jeremy
ok, I'm closing this up as 2.3.5-r1 is now released. It addresses mainly this bug and bug #52374 with some USE flag/configure options that users requested, so hopefully we can get it stable fairly soon.
Yesterday I emerged the new 2.3.5-r1 on my hardened ~x86. While I can confirm that "locale -a" is now fine, I still have a task terminated by pax during the compile!
----- /var/log/syslog extract ---------
Jul 23 15:27:00 intranet kernel: PAX: execution attempt in: <anonymous mapping>, 5eae9000-5eaff000 5eae9000
Jul 23 15:27:00 intranet kernel: PAX: terminating task: /usr/sbin/iconvconfig(iconvconfig):10585, uid/euid: 0/0, PC: 5eafd13c, SP: 5eafd03c
Jul 23 15:27:00 intranet kernel: PAX: bytes at PC: b9 90 d1 af 5e e9 ca ca 54 a9 04 27 10 00 00 00 b8 d4 08 08
Jul 23 15:27:00 intranet kernel: PAX: bytes at SP: 26fe40de 08080768 00000000 00000000 5eafd13c 00000691 00000000 5eafd19c 08049ed7 08080768 5eafd13c 00000001 0807b298 73752f2f 696c2f72 63672f62 2f766e6f 6e6f6367 6f6d2d76 656c7564
-----------------------------------------------
(In reply to comment #17)
> Yesterday I emerged the new 2.3.5-r1 on my hardened ~x86.
> While I can confirm that "locale -a" is now fine, I still have a task
> terminated by pax during the compile!
> [...]
> task: /usr/sbin/iconvconfig(iconvconfig):10585, uid/euid
> -----------------------------------------------
iconvconfig also needs PAX flags -ps added to its ELF headers with paxctl. Otherwise iconvconfig won't run at all, and the un-PAX marked iconvconfig which gets installed on the system will be killed also. Just try to run it on a hardened system, it will be killed with the same errors in the syslog. This is a bug, too.
Daniel, Mikko - do you have trampoline emulation switched off? iconvconfig contains a nested function. The toolchain causes it to be marked 'E' - which enables trampoline emulation if the kernel supports it - thus avoiding the need for an executable stack.
Created attachment 64214: De-trampoline iconvconfig
Well, here's a patch that un-nests the nested function, removing any need for executable stack. On my system, it generates identical output to the previous version with the trampoline, so I think it's ok.
Kevin, Yes, I don't have CONFIG_PAX_EMUTRAMP set here.
(re-opening to save starting another bug and losing the thread) Jeremy, would you mind taking a look at this (comment #17 on)? Any hardened system that doesn't have trampoline emulation will fail as reported, I'm pretty confident about my patch (famous last words). I think it's useful to eliminate the need for executable stack from glibc stuff; not all arches have even the possibility to emulate trampolines.
Yeah. The patch looks simple enough. Anyone have any objection to me sneaking this into 2.3.5-r1 even though it's out of package.mask?
Can you change PATCH_VER to 1.7 in glibc-2.3.5-r1, and test for me?
built & installed successfully here with patch-ver 1.7, no problems. build resulted in a normal 'xe'-flagged binary, so no more trampoline. btw sneaking it into 2.3.5-r1 seems sensible to me.
Done. Thanks Kevin. You might want to try submitting these upstream, too. They might not like the global variable usage for the iconvconfig fix (I'm not too keen on it either), so you should just pass pointers to them in name_insert and leave them local to the caller.
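The un-nesting and pointer-passing discussed in the comments above, as an added example (not the glibc patch and not written by anyone in this thread): the state a nested callback would capture moves into a struct passed by pointer, so the callback is an ordinary function and no stack trampoline is needed. Only the name `name_insert` comes from the thread; `struct strtab`, `walk_names` and `build_strtab` are hypothetical, and the encoding names are constructed sample input.

```c
/* Added illustration, not the glibc patch; all names but name_insert are hypothetical. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* State the callback needs. As a GNU C nested function, name_insert would read
   these from the caller's frame, and taking its address needs a stack trampoline. */
struct strtab {
    char   *buf;        /* output string table */
    size_t  cap;        /* size of buf in bytes */
    size_t  used;       /* bytes written so far */
    size_t *offsets;    /* offsets[i] = start of the i-th name in buf */
    size_t  count;      /* names stored so far */
    size_t  max_names;  /* capacity of offsets */
    int     overflow;   /* set once a name did not fit */
};

typedef void (*visit_fn)(const char *name, void *ctx);

/* Stand-in for the tree walk: it forwards ctx, so the state stays local to the caller. */
static void walk_names(const char *const *names, size_t n, visit_fn fn, void *ctx)
{
    for (size_t i = 0; i < n; i++)
        fn(names[i], ctx);
}

/* File-scope callback: an ordinary function pointer, no trampoline. */
static void name_insert(const char *name, void *ctx)
{
    struct strtab *t = ctx;
    size_t len = strlen(name) + 1;              /* keep the NUL */

    if (t->overflow || t->count == t->max_names || len > t->cap - t->used) {
        t->overflow = 1;                        /* refuse, never truncate */
        return;
    }
    memcpy(t->buf + t->used, name, len);
    t->offsets[t->count++] = t->used;
    t->used += len;
}

/* Returns the number of names stored, or -1 if buf or offsets is too small. */
int build_strtab(const char *const *names, size_t n, char *buf, size_t cap,
                 size_t *offsets, size_t max_names)
{
    struct strtab t = { buf, cap, 0, offsets, 0, max_names, 0 };
    walk_names(names, n, name_insert, &t);
    return t.overflow ? -1 : (int)t.count;
}

int main(void)
{
    const char *const names[] = { "UTF-8", "ISO-8859-1", "ISO-8859-15" }; /* constructed */
    char buf[64]; size_t off[3];
    int n = build_strtab(names, 3, buf, sizeof buf, off, 3);
    for (int i = 0; i < n; i++)
        printf("%zu %s\n", off[i], buf + off[i]);
    return n == 3 ? 0 : 1;
}
```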
closing
Great work! :)
*** Bug 102968 has been marked as a duplicate of this bug. ***