Summary: | dev-db/couchdb - /usr/lib/couchdb/bin/couchjs needs pax-mark mr on PaX-enabled systems. | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Mira Ressel <aranea> |
Component: | [OLD] Development | Assignee: | Dirkjan Ochtman (RETIRED) <djc> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | hardened |
Priority: | Normal | Keywords: | PATCH |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | Patch for dev-db/couchdb-1.2.1.ebuild |
Description
Mira Ressel
2012-11-10 17:23:36 UTC
Sorry for the extra mail, category change has reset "assigned to". :( The PaX feature RANDMMAP also has to be disabled, otherwise couchjs will get stuck in an infinite loop inside libmozjs. So it's 'pax-mark mr "${D}/usr/bin/couchjs"' what you have to add to the ebuild. Does that need to be guarded by a use hardened condition or something similar? I don't have much experience with hardened systems, so an actual patch would be welcome. Created attachment 340680 [details, diff]
Patch for dev-db/couchdb-1.2.1.ebuild
Aww, my comment somehow didn't get through, so here it is again: No, pax-mark can be called unconditionally. In this particular case, it has to be called from src_compile, otherwise the tests won't pass. The patch looks okay for mee. Committed couchdb-1.3.0 with this fix. |