uni/universal.t ................................................... ok ===( 170542;17 60769/? 24/? 17/29 0/? 1404/? 1305/? 1022... )===/bin/bash: /var/package-manager/tmp/portage/dev-lang/perl-5.18.2-r1/work/perl-5.18.2/perl: Resource temporarily unavailable /bin/bash: /var/package-manager/tmp/portage/dev-lang/perl-5.18.2-r1/work/perl-5.18.2/perl: Success # Failed test 26 - bash/zsh-only test for 'fork' returning undef on failure at op/fork.t line 37 # got "" # expected "ok" op/fork.t ......................................................... Failed 1/26 subtests Tried with both dash and bash as /bin/sh symlink - nothing changed, may be this failure is related to using hardened kernel, from dmesg: grsec: denied resource overstep by requesting 18 for RLIMIT_NPROC against limit 1 for /bin/bash[bash:24193] uid/euid:250/250 gid/egid:250/250, parent /bin/bash[sh:24192] uid/euid:250/250 gid/egid:250/250 'fork' test does 'ulimit -u 1'. Portage 2.2.8-r1 (hardened/linux/amd64, gcc-4.7.3, glibc-2.19-r1, 3.14.15-hardened x86_64) ================================================================= System Settings ================================================================= KiB Mem: 61697116 total, 445692 free KiB Swap: 0 total, 0 free Timestamp of tree: Fri, 15 Aug 2014 13:45:01 +0000 ld GNU ld (Gentoo 2.23.2 p1.0) 2.23.2 app-shells/bash: 4.2_p45 dev-lang/python: 2.7.7 dev-util/pkgconfig: 0.28-r1 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.12.4 sys-apps/sandbox: 2.6-r1 sys-devel/binutils: 2.23.2 sys-devel/gcc: 4.7.3-r1 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2-r1 sys-devel/make: 3.82-r4 sys-kernel/linux-headers: 3.13 (virtual/os-headers) sys-libs/glibc: 2.19-r1 Repositories: gentoo nikoli ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=corei7-avx -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt /usr/share/themes/oxygen-gtk/gtk-2.0 /usr/share/themes/oxygen-gtk/gtk-3.0 /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=corei7-avx -O2 -pipe" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs cgroup collision-protect config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync network-sandbox news parallel-fetch preserve-libs protect-owned sandbox sfperms strict test unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" LANG="en_US.UTF-8" LDFLAGS="-Wl,--hash-style=gnu -Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j9" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTDIR_OVERLAY="/var/lib/layman/nikoli" USE="X a52 aac acl acpi aes-ni alsa amd64 amr audiofile avx bash-completion bzip2 cairo caps cdda cddb cdio cdparanoia cdr celt cli consolekit cracklib crypt css cups cxx dbus djvu dri dvd dvdr encode exif fat ffmpeg flac fluidsynth fontconfig fortran gd geoip gif gimp gmp gphoto2 gpm graphviz gsm gstreamer gtk handbook hardened iconv icu id3tag idn imagemagick imap imlib ios ipod ipv6 jbig jpeg jpeg2k justify kde kipi lame laptop lcms libass libnotify libproxy libsamplerate lm_sensors lzma lzo mac mad matroska mikmod mmx mmxext mng modplug modules mp3 mp4 mtp multilib musepack musicbrainz ncurses networkmanager nls nptl nptlonly ntfs ogg openal openexr opengl openmp opus pam pango pax_kernel pcre pdf phonon plasma pm-utils png policykit postscript qt3support qt4 rar raw readline reiserfs replaygain rtmp sasl scanner semantic-desktop session smp sndfile socks5 speex spell sqlite sse sse2 sse3 sse4_1 ssl ssse3 startup-notification svg symlink sysfs taglib threads thumbnail tiff truetype udev udisks unicode upnp upower usb v4l v4l2 vcd vdpau vorbis vpx wavpack webkit webp wma x264 xattr xcb xcomposite xface xinerama xml xmp xpm xscreensaver xtpax xv xz zip zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="*" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="efi-64" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-minimizer" LINGUAS="ru ru_RU en" NGINX_MODULES_HTTP="access auth_basic autoindex fastcgi gzip rewrite" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7" QEMU_SOFTMMU_TARGETS="i386 x86_64" QEMU_USER_TARGETS="i386 x86_64" RUBY_TARGETS="ruby20" USERLAND="GNU" VIDEO_CARDS="radeon r600 modesetting vesa" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, SYNC, USE_PYTHON ================================================================= Package Settings ================================================================= dev-lang/perl-5.18.2-r1 was built with the following: USE="-berkdb -debug -doc -gdbm -ithreads" ABI_X86="64"
Created attachment 382930 [details] build.log.xz
For comparison, can you show what: bash -c 'ulimit -u 1; exec perl -E1' ; echo $? Does on your system with regards to GRSEC? ( and dmesg ) That should emit 0 and be fine, because it doesn't fork, just passes control. Also, what does: bash -c 'ulimit -u 1; exec perl -e "my \$pid = fork; if ( defined \$pid and \$pid == 0 ) { print qq[forked\n] }; if ( not defined \$pid ) { print qq[failed\n] }"'; echo $? This is pertinent, because the test in question is explicitly testing for the inability to fork, and is testing for perl itself to give the right result code when fork fails. So if grsec is *killing* perl for attempting to fork, then its breaking perl and that changes where/how we report the bug. Expected output for the second test is: > failed > 0
I'm not the original reporter, but I'm also seeing this test failure, with a hardened kernel with grsec *not* enabled. For me, both of those tests (when run as my normal user) give the same results: > bash: /usr/bin/perl: Resource temporarily unavailable > bash: /usr/bin/perl: Success > 126 Neither shows anything in dmesg (grsec isn't enabled in my kernel config). My emerge --info: Portage 2.2.8-r2 (hardened/linux/amd64, gcc-4.8.3, glibc-2.17, 3.15.8-hardened x86_64) ================================================================= System Settings ================================================================= System uname: Linux-3.15.8-hardened-x86_64-Intel-R-_Core-TM-_i5-2400_CPU_@_3.10GHz-with-gentoo-2.2 KiB Mem: 8073520 total, 884200 free KiB Swap: 11718652 total, 11157084 free Timestamp of tree: Sun, 02 Nov 2014 00:45:01 +0000 ld GNU ld (Gentoo 2.24 p1.4) 2.24 distcc 3.1 x86_64-pc-linux-gnu [disabled] app-shells/bash: 4.2_p53 dev-java/java-config: 2.2.0 dev-lang/perl: 5.18.2-r2 dev-lang/python: 2.7.7, 3.3.5-r1, 3.4.1 dev-util/cmake: 2.8.12.2-r1 dev-util/pkgconfig: 0.28-r1 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.12.4 sys-apps/sandbox: 2.6-r1 sys-devel/autoconf: 2.13, 2.69 sys-devel/automake: 1.10.3, 1.11.1, 1.13.4 sys-devel/binutils: 2.24-r3 sys-devel/gcc: 4.8.3 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2-r1 sys-devel/make: 4.0-r1 sys-kernel/linux-headers: 3.13 (virtual/os-headers) sys-libs/glibc: 2.17 Repositories: betagarden science sunrise seden lovelace luman steam-overlay localoverlay gentoo Installed sets: @archivers, @backup-options, @capitol-oldkernels, @devel, @dicts, @doc-conv, @docs, @emulation, @fonts, @looked-interesting, @maintenance, @ocr, @office, @sp-devel ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -march=core2 -mtune=generic" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="${CONFIG_PROTECT} /etc /etc/idea/conf /usr/share/config /usr/share/gnupg/qualified.txt /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-O2 -pipe -march=core2 -mtune=generic" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y" FCFLAGS="-O2 -pipe -march=core2 -mtune=generic" FEATURES="assume-digests binpkg-logs candy collision-protect config-protect-if-modified distlocks ebuild-locks fakeroot fixlafiles merge-sync news parallel-fetch parallel-install preserve-libs protect-owned sandbox sfperms strict test unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync webrsync-gpg xattr" FFLAGS="-O2 -pipe -march=core2 -mtune=generic" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j3 -l5" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/betagarden /usr/portage/local/layman/science /usr/portage/local/layman/sunrise /usr/portage/local/layman/seden /usr/portage/local/layman/lovelace /usr/portage/local/layman/luman /usr/portage/local/layman/steam /usr/local/portage /usr/portage" SYNC="rsync://myrriddium/gentoo-portage" USE="acpi alsa amd64 bash-completion berkdb bzip2 cddb cli cracklib crypt cxx dri gdbm hardened iconv ipv6 java java5 java6 jpeg justify libnotify libsecret lm_sensors mmx modules multilib ncurses nls nptl nvidia openmp pam pax_kernel pcre png readline session sse sse2 sse4_1 sse4_2 ssl ssse3 startup-notification tcpd theora truetype unicode urandom xattr xcomposite xdg xft xtpax xvmc zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="sheets words plan kexi braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="pdfimport wiki-publisher" LINGUAS="en en_US" NETBEANS_MODULES="cnd harness ide java nb javafx groovy profile" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_3" RUBY_TARGETS="ruby19 ruby20" USERLAND="GNU" VIDEO_CARDS="intel fbdev i915" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON ================================================================= Package Settings ================================================================= dev-lang/perl-5.18.2-r2 was built with the following: USE="berkdb gdbm -debug -doc -ithreads" ABI_X86="64"
Kent, sorry for delay, accidentally missed your comment. as root: # bash -c 'ulimit -u 1; exec perl -E1' ; echo $? 0 dmesg: no messages as user: $ bash -c 'ulimit -u 1; exec perl -E1' ; echo $? bash: /usr/bin/perl: Resource temporarily unavailable bash: /usr/bin/perl: Success 126 dmesg: [140505.129204] grsec: denied resource overstep by requesting 45 for RLIMIT_NPROC against limit 1 for /bin/bash[bash:5582] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:5572] uid/euid:1000/1000 gid/egid:1000/1000 as root: # bash -c 'ulimit -u 1; exec perl -e "my \$pid = fork; if ( defined \$pid and \$pid == 0 ) { print qq[forked\n] }; if ( not defined \$pid ) { print qq[failed\n] }"'; echo $? 0 # forked dmesg: no messages as user: $ bash -c 'ulimit -u 1; exec perl -e "my \$pid = fork; if ( defined \$pid and \$pid == 0 ) { print qq[forked\n] }; if ( not defined \$pid ) { print qq[failed\n] }"'; echo $? bash: /usr/bin/perl: Resource temporarily unavailable bash: /usr/bin/perl: Success 126 dmesg: grsec: denied resource overstep by requesting 45 for RLIMIT_NPROC against limit 1 for /bin/bash[bash:5596] uid/euid:1000/1000 gid/egid:1000/1000, parent /bin/bash[bash:5586] uid/euid:1000/1000 gid/egid:1000/1000 As root your commands work fine, but do not work for non root users. I have userpriv and usersandbox features enabled, so emerge runs tests as portage user.
We are not going to fix it in 5.18 at least, because of 5.20 stabilization. Please test it with latest perl distribution, and reopen if bug still valid.
Created attachment 396184 [details] Build log showing failing test with 5.20 The same test, and another, also fails for me with 5.20. emerge --info: Portage 2.2.14 (python 3.3.5-final-0, hardened/linux/amd64, gcc-4.8.3, glibc-2.17, 3.17.7-hardened-r1 x86_64) ================================================================= System Settings ================================================================= System uname: Linux-3.17.7-hardened-r1-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T6670_@_2.20GHz-with-gentoo-2.2 KiB Mem: 6068348 total, 2180440 free KiB Swap: 6292476 total, 6292476 free Timestamp of tree: Wed, 11 Feb 2015 00:45:01 +0000 ld GNU ld (Gentoo 2.24 p1.4) 2.24 distcc 3.1 x86_64-pc-linux-gnu [disabled] app-shells/bash: 4.2_p53 dev-java/java-config: 2.2.0 dev-lang/perl: 5.18.2-r2 dev-lang/python: 2.7.7, 3.3.5-r1, 3.4.1 dev-util/cmake: 2.8.12.2-r1 dev-util/pkgconfig: 0.28-r1 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.13.9 sys-apps/sandbox: 2.6-r1 sys-devel/autoconf: 2.13, 2.69 sys-devel/automake: 1.11.6-r1, 1.13.4 sys-devel/binutils: 2.24-r3 sys-devel/gcc: 4.8.3 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.4 sys-devel/make: 4.0-r1 sys-kernel/linux-headers: 3.16 (virtual/os-headers) sys-libs/glibc: 2.17 Repositories: lovelace sunrise luman steam-overlay laptop_local gentoo Installed sets: @archivers, @backup-options, @devel, @dicts, @doc-conv, @docs, @emulation, @fonts, @laptop, @maintenance, @office, @sp-devel ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -march=core2" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="${CONFIG_PROTECT} /etc /etc/idea/conf /usr/share/config /usr/share/gnupg/qualified.txt /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-O2 -pipe -march=core2" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y" FCFLAGS="-O2 -pipe -march=core2" FEATURES="assume-digests binpkg-logs candy collision-protect config-protect-if-modified distlocks ebuild-locks fakeroot fixlafiles merge-sync news parallel-fetch parallel-install preserve-libs protect-owned sandbox sfperms strict test unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync webrsync-gpg xattr" FFLAGS="-O2 -pipe -march=core2" GENTOO_MIRRORS="http://lug.mtu.edu/gentoo/ http://gentoo.osuosl.org/ http://gentoo.cites.uiuc.edu/pub/gentoo/ http://distfiles.gentoo.org" LANG="en_US.UTF-8" LC_ALL="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/var/lib/layman/lovelace /var/lib/layman/sunrise /var/lib/layman/luman /var/lib/layman/steam-overlay /usr/local/portage /usr/portage" SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage" USE="acpi alsa amd64 bash-completion berkdb bzip2 cddb cli cracklib crypt cxx dri gdbm hardened iconv ipv6 jaa java6 jpeg justify libav libnotify libsecret lm_sensors mmx mmxext modules multilib ncurses nls nptl ogg openmp pam pax_kernel pcre png readline session sse sse2 sse3 sse4_1 ssl ssse3 startup-notification tcpd test theora truetype unicode urandom vorbis xattr xcomposite xft xtpax zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="sheets words plan kexi braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 sse3 sse4_1 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="pdfimport" LINGUAS="en en_US" NETBEANS_MODULES="harness ide java nb javafx profile" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_3" RUBY_TARGETS="ruby19 ruby20" USERLAND="GNU" VIDEO_CARDS="intel fbdev i915" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
dev-lang/perl-5.20.2 still fails fork test for me.
Created attachment 400644 [details] perl-5.20.2_build.log.xz
This are-ulimit-limits-enforced test issue is that perl never gets run on grsec _patched_ kernels (not a feature you can turn on or off). It looks like there is no fork bomb-like none of the tests underneath, so i suggest to consider an empty result string (or nonzero exit code) as an 'ok' here. Safer solution (tests running host wise) is to skip this test if $out is empty. For the record, an execve will fail if _both_ the PF_NPROC_EXCEEDED flag is set and the limit is currently reached. Grsec will set this flag as soon as ulimit is called if limit is reached, although pristine kernel just leaves it untouched in this case.
This looks like a hardened-specific problem. Patches or advice welcome.
Same test also fails for dev-lang/perl-5.22.2.
*** Bug 598338 has been marked as a duplicate of this bug. ***
Hardened-sources is no longer in the tree
