Summary: | firefox 5.0 emerge completely broken on PaX system | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Klaus Kusche <klaus.kusche> |
Component: | Current packages | Assignee: | Gentoo Linux bug wranglers <bug-wranglers> |
Status: | RESOLVED DUPLICATE | ||
Severity: | blocker | CC: | anton.kochkov |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | Patch based on the information provided by the bug submitter |
Description
Klaus Kusche
2011-06-25 19:56:39 UTC
I can confirm that part 1 is needed indeed to complete the emerge. Part 2 is about applying paxctl to a shell wrapper instead of the binary, this needs to be fixed aswell - alternatively ship a preferences file to disable jit maybe. Part 3 is correct, too. Created attachment 278177 [details, diff]
Patch based on the information provided by the bug submitter
Patch based on the information provided by the bug submitter
see also bugs: https://bugs.gentoo.org/show_bug.cgi?id=373029 https://bugs.gentoo.org/show_bug.cgi?id=373071 with attached patch firefox builds ok, but it doesnt start. *** This bug has been marked as a duplicate of bug 372947 *** Please un-duplicate and reopen (and I think it should be assigned to firefox, not to hardened gentoo). * Item 3 of this bug is not contained at all in 372947, and is a fatal issue, so this report is a superset of 372947. * The solution in 372947 doesn't apply to this report at all: 372947's proposed solution depends on the "hardened" USE flag and doesn't change anything on non-hardened systems. However, not all PaX systems are "hardened": "hardened" means "hardened toolchain" and "pie executables", but I have PaX with normal toolchain and standard (non-pie) executables, and hence don't have "hardened" set! * 372947 is quite unclear (looks like a space problem at the first glance) and doesn't mention PaX, neither in the header nor in the text, although the problem is all about paxctl. * 372947 tries to solve the problem in a completely different way: As far as I can tell, 372947 tries to compile firefox without JIT, hoping to make it work without setting paxctl -m for it. This report is about adding the necessary paxctl's to the ebuild to make firefox with JIT work (I could live with the other no-JIT no-paxctl solution, too, but my item 3 needs paxctl for flash and java anyway, hence there is no gain in compiling firefox without JIT). |