sci-mathematics/gimps always crashes on hardened systems when a regular calculation should be started. It works for me with the following PAX marking: /opt/gimps/mprime: XATTR_PAX : --m-- Would be nice, if the ebuild could set this accordingly.
Paolo, any ideas?
Ok, I played around with pax-utils eclass, but it seems to do nothing: I try pax-mark -m mprime for instance but it seems to not work: * Fallback PaX marking -m with scanelf * mprime TYPE PAX FILE ET_EXEC PeMRxS mprime (Still "M" there). I have no idea about PAX stuff, what is the proper way to do this?
(In reply to Thomas Kahle from comment #1) > Paolo, any ideas? Beats me: I know next to nothing about PAX, hardening and whatever. Maybe someone from hardened herd can give us a hand?
(In reply to Thomas Kahle from comment #2) > pax-mark -m mprime it's just "pax-mark m mprime", that should do what you want.
(In reply to Rick Farina (Zero_Chaos) from comment #4) > (In reply to Thomas Kahle from comment #2) > > pax-mark -m mprime > > it's just "pax-mark m mprime", that should do what you want. I tried both "m" and "-m" and from what I read from scanelf -x output the the result is the same = none. Is there any way I can test if this works on a non-hardened system?
(In reply to Thomas Kahle from comment #5) > (In reply to Rick Farina (Zero_Chaos) from comment #4) > > (In reply to Thomas Kahle from comment #2) > > > pax-mark -m mprime > > > > it's just "pax-mark m mprime", that should do what you want. > > I tried both "m" and "-m" and from what I read from scanelf -x output the > the result is the same = none. > Is there any way I can test if this works on a non-hardened system? Yes. Just boot into a vanilla kernel.
(In reply to Anthony Basile from comment #6) > (In reply to Thomas Kahle from comment #5) > > (In reply to Rick Farina (Zero_Chaos) from comment #4) > > > (In reply to Thomas Kahle from comment #2) > > > > pax-mark -m mprime > > > > > > it's just "pax-mark m mprime", that should do what you want. > > > > I tried both "m" and "-m" and from what I read from scanelf -x output the > > the result is the same = none. > > Is there any way I can test if this works on a non-hardened system? > > Yes. Just boot into a vanilla kernel. Sorry, my engrish: please exkuse :) I am on a non-hardened system. What I mean: I see no difference in the files installed on my system with either "pax-mark -m", "pax-mark m", or without pax-mark at all. Therefore I have no way to test if the solution works (and I conjectured that it does not). OK, I've committed a -r1 version with the pax-mark. I see no difference between -r0 and -r1, but maybe this is because I'm on vanilla? Please test and reopen.
(In reply to Thomas Kahle from comment #7) > OK, I've committed a -r1 version with the pax-mark. I see no difference > between -r0 and -r1, but maybe this is because I'm on vanilla? Please test > and reopen. If anyone can provide specific instructions on how to reproduce the crash, then I'm happy to test as well. I have no idea how to use gimps but I can install it and test whatever I'm told with good directions.
(In reply to Rick Farina (Zero_Chaos) from comment #8) > If anyone can provide specific instructions on how to reproduce the crash, > then I'm happy to test as well. I have no idea how to use gimps but I can > install it and test whatever I'm told with good directions. To reproduce on a hardened system without joining the prime search just try to run the torture test (running calculations with known result to check system reliability): # /opt/gimps/mprime -t Segmentation fault (In reply to Thomas Kahle from comment #7) > OK, I've committed a -r1 version with the pax-mark. I see no difference > between -r0 and -r1, but maybe this is because I'm on vanilla? Please test > and reopen. 27.9-r1 works - thanks!
(In reply to Andreas Prieß from comment #9) > 27.9-r1 works - thanks! Looks good here as well
