I'm on a Gentoo amd64 testing with hardened profile. I've tried chromium 5.0.342.9 and 5.0.375.3 and both get killed by pax when launched. I attach demesg relevant output and emerge --info Reproducible: Always
Created attachment 228065 [details] dmesg output
Created attachment 228067 [details] emerge --info
Joel, could you provide a paxctl or equivalent command that would make Chromium work on PaX-enabled system?
@Joel please provide build log in future bugreports. Here is what probably creates the fail. ^G * QA Notice: The following files contain runtime text relocations * Text relocations force the dynamic linker to perform extra * work at startup, waste system resources, and may pose a security * risk. On some architectures, the code may not even function * properly, if at all. * For more information, see http://hardened.gentoo.org/pic-fix-guide.xml * Please include the following list of files in your report: * TEXTREL usr/lib64/chromium-browser/chrome ^G ^G * QA Notice: The following files contain writable and executable sections * Files with such sections will not work properly (or at all!) on some * architectures/operating systems. A bug should be filed at * http://bugs.gentoo.org/ to make sure the issue is fixed. * For more information, see http://hardened.gentoo.org/gnu-stack.xml * Please include the following list of files in your report: * Note: Bugs should be filed for the respective maintainers * of the package in question and not hardened@g.o. * RWX --- --- usr/lib64/chromium-browser/chrome
#paxctl -c /opt/chromium.org/chrome-linux/chrome #paxctl -m /opt/chromium.org/chrome-linux/chrome that is for chromium-bin fyi seems to also work ok with just the javascript disabled
This should be fixed with a recent bump. Thanks Constantine for the paxctl commands. Please re-open (preferably with an ebuild patch), if there are still some problems with it.
