Attachment #25829 for bug #40665




	flag=$1
	fname=$2

	#einfo "chpax -$flag ${fname}"
	if [ -w ${fname} ]; then
		einfo "chpax -$flag ${fname}"
		/sbin/chpax -$flag ${fname}
		[ $? != 0 ] && eerror "error: chpax -$flag ${fname}"
	fi
}

fix_exempts() {
	#need to do this for foo{,bar,baz} expressions to work.
	PAGEEXEC_EXEMPT=`eval echo $PAGEEXEC_EXEMPT`
	TRAMPOLINE_EXEMPT=`eval echo $TRAMPOLINE_EXEMPT`
	RANDMMAP_EXEMPT=`eval echo $RANDMMAP_EXEMPT`
	MPROTECT_EXEMPT=`eval echo $MPROTECT_EXEMPT`
	SEGMEXEC_EXEMPT=`eval echo $SEGMEXEC_EXEMPT`
	RANDEXEC_EXEMPT=`eval echo $RANDEXEC_EXEMPT`
}

start() {
	checkconfig || return 1

	fix_exempts

	for p in $PAGEEXEC_EXEMPT; do chpax_flag p ${p} ;done
	for e in $TRAMPOLINE_EXEMPT; do chpax_flag e ${e} ;done
	for r in $RANDMMAP_EXEMPT; do chpax_flag r ${r} ;done

	checkconfig || return 1

	[ "$ZERO_FLAG_MASK" = "yes" ] || return 0
	fix_exempts
	einfo "chpax zero flag masking"
	for p in $PAGEEXEC_EXEMPT; do chpax_flag z ${p} ;done
	for e in $TRAMPOLINE_EXEMPT; do chpax_flag z ${e} ;done

Return to bug 40665

Lines 14-30 chpax_flag() { Link Here

(-)chpax.orig (-6 / +19 lines)
14	flag=$1	14	flag=$1
15	fname=$2	15	fname=$2
16		16
17	#if [ -w "$fname" ]; then	17	#einfo "chpax -$flag ${fname}"
18	einfo "/sbin/chpax -$flag $fname"	18	if [ -w ${fname} ]; then
19	eval "/sbin/chpax -$flag $fname"	19	einfo "chpax -$flag ${fname}"
20	#eval "/sbin/chpax -v $fname"	20	/sbin/chpax -$flag ${fname}
21	#[ $? != 0 ] && eerror "error: chpax -$flag ${fname}"	21	[ $? != 0 ] && eerror "error: chpax -$flag ${fname}"
22	#fi	22	fi
		23	}
		24
		25	fix_exempts() {
		26	#need to do this for foo{,bar,baz} expressions to work.
		27	PAGEEXEC_EXEMPT=`eval echo $PAGEEXEC_EXEMPT`
		28	TRAMPOLINE_EXEMPT=`eval echo $TRAMPOLINE_EXEMPT`
		29	RANDMMAP_EXEMPT=`eval echo $RANDMMAP_EXEMPT`
		30	MPROTECT_EXEMPT=`eval echo $MPROTECT_EXEMPT`
		31	SEGMEXEC_EXEMPT=`eval echo $SEGMEXEC_EXEMPT`
		32	RANDEXEC_EXEMPT=`eval echo $RANDEXEC_EXEMPT`
23	}	33	}
24		34
25	start() {	35	start() {
26	checkconfig \|\| return 1	36	checkconfig \|\| return 1
27		37
		38	fix_exempts
		39
28	for p in $PAGEEXEC_EXEMPT; do chpax_flag p ${p} ;done	40	for p in $PAGEEXEC_EXEMPT; do chpax_flag p ${p} ;done
29	for e in $TRAMPOLINE_EXEMPT; do chpax_flag e ${e} ;done	41	for e in $TRAMPOLINE_EXEMPT; do chpax_flag e ${e} ;done
30	for r in $RANDMMAP_EXEMPT; do chpax_flag r ${r} ;done	42	for r in $RANDMMAP_EXEMPT; do chpax_flag r ${r} ;done
Lines 39-44 stop() { Link Here
39	checkconfig \|\| return 1	51	checkconfig \|\| return 1
40		52
41	[ "$ZERO_FLAG_MASK" = "yes" ] \|\| return 0	53	[ "$ZERO_FLAG_MASK" = "yes" ] \|\| return 0
		54	fix_exempts
42	einfo "chpax zero flag masking"	55	einfo "chpax zero flag masking"
43	for p in $PAGEEXEC_EXEMPT; do chpax_flag z ${p} ;done	56	for p in $PAGEEXEC_EXEMPT; do chpax_flag z ${p} ;done
44	for e in $TRAMPOLINE_EXEMPT; do chpax_flag z ${e} ;done	57	for e in $TRAMPOLINE_EXEMPT; do chpax_flag z ${e} ;done