189705 – media-sound/teamspeak2-server-bin & Client-bin: Startup problem when using hardened profile

Bug 189705 - media-sound/teamspeak2-server-bin & Client-bin: Startup problem when using hardened profile

Summary: media-sound/teamspeak2-server-bin & Client-bin: Startup problem when using ha...

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	High normal
Assignee:	The Gentoo Linux Hardened Team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2007-08-21 14:13 UTC by Regin
Modified:	2009-07-21 13:49 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Regin 2007-08-21 14:13:28 UTC

at least for >2.0.23.*

I use the hardened profile and the hardend-sources. Teamspeak (server & client) will not start, wenn PAX is activated: 

PAX: From xx.xx.xx.xx: execution attempt in: /opt/teamspeak2-server/server_linux, 08219000-08231000 000d0000
PAX: terminating task: /opt/teamspeak2-server/server_linux(server_linux):28141, uid/euid: 0/0, PC: 0821ccd7, SP: 5df15cb0
PAX: bytes at PC: 83 44 24 04 dc e9 ef 2c e3 ff 83 44 24 04 dc e9 f9 2c e3 ff
PAX: bytes at SP-4: 08107980 0804f8c0 08237b4c 08231594 08237b4c 080739d2 5df15ce0 0804c767 0000000d 0804c830 5df15f04 00000001 08107978 5df15ce8 0804c8ac 5df15e38 0805359c 5df15f04 08107ce8 00000000 5df15f0c


I have to use "chpax -ps /opt/teamspeak2-server/server_linux" to get it running.
(paxctl is of no use here, because server_linux has no PT_FLAGS_HEADER, a conversion results in seqmentation faults in server_linux)

This problem shows itself in teamspeak2-Server & client-bin, on x86 and amd64-systems. Solution could be the ebuild, adding SEGMEXEC_EXEMPT for the bin in /etc/conf.d/chpax and depending on chpax!

Reproducible: Always

Steps to Reproduce:
1. use hardened profile & hardened-kernel
2. emerge teamspeak2 server-bin or client-bin
3. start it

Actual Results:  
PAX: From xx.xx.xx.xx: execution attempt in: /opt/teamspeak2-server/server_linux, 08219000-08231000 000d0000
PAX: terminating task: /opt/teamspeak2-server/server_linux(server_linux):28141, uid/euid: 0/0, PC: 0821ccd7, SP: 5df15cb0
PAX: bytes at PC: 83 44 24 04 dc e9 ef 2c e3 ff 83 44 24 04 dc e9 f9 2c e3 ff
PAX: bytes at SP-4: 08107980 0804f8c0 08237b4c 08231594 08237b4c 080739d2 5df15ce0 0804c767 0000000d 0804c830 5df15f04 00000001 08107978 5df15ce8 0804c8ac 5df15e38 0805359c 5df15f04 08107ce8 00000000 5df15f0c

Expected Results:  
should be running fine

Comment 1 Jakub Moc (RETIRED) gentoo-dev

2007-08-21 17:29:02 UTC

Don't see what are you requesting from us; we can package.mask this binary cruft on hardened profiles, that's all.

Comment 2 Regin 2007-08-24 07:57:17 UTC

Masking it on hardened profile is no good. Server & client work, if using chpax to set the right pax settings before startup (maybe there´s another way to get it running?) - It would be helpfull for example if the ebuild prints a small warning about that if emerged on hardened-sources ?

Comment 3 Samuli Suominen (RETIRED) gentoo-dev

2009-07-21 13:49:56 UTC

teamspeak* has been lastrited for bundling vulnerable copies of libpng, speex etc., won't be fixing this