| Summary: | dev-lisp/sbcl should not invoke paxctl directly | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Mira Ressel <aranea> |
| Component: | [OLD] Development | Assignee: | Panagiotis Christopoulos (RETIRED) <pchrist> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | bugs, common-lisp, proxy-maint |
| Priority: | Normal | Keywords: | PATCH |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 519040 | ||
| Bug Blocks: | 516158 | ||
| Attachments: | Patch for dev-lisp/sbcl ebuilds replacing paxctl with paxmark.sh | ||
Applied to all versions, thanks to Luis Ressel for fixing and reporting. I'm reopening this cause of bug 519040. I did not have much time to look into it, hope this is not false alarm. Fixed: Fix Bug 519040 - dev-lisp/sbcl-1.2.2: emerge fails on PaX system: paxctl not set on internal sbcl, thanks to Klaus Kusche for reporting. Fix Bug 517000 - dev-lisp/sbcl should not invoke paxctl directly, thanks to Luis Ressel for the earlier fix and reporting. Add to IUSE pax-kernel and to DEPEND pax_kernel? ( sys-apps/paxctl sys-apps/elfix ). |
Created attachment 380650 [details, diff] Patch for dev-lisp/sbcl ebuilds replacing paxctl with paxmark.sh The dev-lisp/sbcl ebuilds invoke the paxctl utility in src_compile(). This shouldn't be done anymore because recently Hardened Gentoo has added support for XATTR-based PaX markings, which are supposed to replace the old ELF header-based markings. paxctl can't set these XATTR marks. Therefore, the paxmark.sh script, which is also available on all Hardened Gentoo systems, should be used instead of paxctl. The attached patch incorporates this change, and on top of that I've removed the unneccessary "paxctl/paxmark.sh -C" calls and simplified the sed pattern.