Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 517000 - dev-lisp/sbcl should not invoke paxctl directly
Summary: dev-lisp/sbcl should not invoke paxctl directly
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Panagiotis Christopoulos (RETIRED)
URL:
Whiteboard:
Keywords: PATCH
Depends on: 519040
Blocks: paxctl-directly
  Show dependency tree
 
Reported: 2014-07-12 20:52 UTC by Mira Ressel
Modified: 2014-08-05 12:48 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Patch for dev-lisp/sbcl ebuilds replacing paxctl with paxmark.sh (sbcl_paxmark.patch,642 bytes, patch)
2014-07-12 20:52 UTC, Mira Ressel 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mira Ressel 2014-07-12 20:52:05 UTC 
Created attachment 380650 [details, diff]
Patch for dev-lisp/sbcl ebuilds replacing paxctl with paxmark.sh

The dev-lisp/sbcl ebuilds invoke the paxctl utility in src_compile(). This shouldn't be done anymore because recently Hardened Gentoo has added support for XATTR-based PaX markings, which are supposed to replace the old ELF header-based markings. paxctl can't set these XATTR marks.

Therefore, the paxmark.sh script, which is also available on all Hardened Gentoo systems, should be used instead of paxctl.

The attached patch incorporates this change, and on top of that I've removed the unneccessary "paxctl/paxmark.sh -C" calls and simplified the sed pattern.
Comment 1 Mark Wright gentoo-dev 2014-08-04 13:52:42 UTC 
Applied to all versions, thanks to Luis Ressel for fixing and reporting.
Comment 2 Panagiotis Christopoulos (RETIRED) gentoo-dev 2014-08-04 16:56:15 UTC 
I'm reopening this cause of bug 519040. I did not have much time to look into it, hope this is not false alarm.
Comment 3 Mark Wright gentoo-dev 2014-08-05 12:48:30 UTC 
Fixed:
Fix Bug 519040 - dev-lisp/sbcl-1.2.2: emerge fails on PaX system: paxctl not set on internal sbcl, thanks to Klaus Kusche for reporting. Fix Bug 517000 - dev-lisp/sbcl should not invoke paxctl directly, thanks to Luis Ressel for the earlier fix and reporting.  Add to IUSE pax-kernel and to DEPEND pax_kernel? ( sys-apps/paxctl sys-apps/elfix ).