Summary: | unable to build xorg-x11-6.8.0-r3 with grsecurity TPE enabled | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | barthek <gejzer> |
Component: | New packages | Assignee: | Gentoo X packagers <x11> |
Status: | RESOLVED UPSTREAM | ||
Severity: | normal | CC: | hardened |
Priority: | High | ||
Version: | 2004.2 | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
barthek
2004-11-23 13:02:57 UTC
No clue, hardened people please help. The user has TPE enabled. Gentoo makes not guarentee that all packages conform to a TPE setup. Donnie you can't really fix this unless you want to rewrite how the Imake functions. I'd suggest this be considered UPSTREAM unless somebody has a patch. But even then... xfree is only going to live in the tree for another 30ish days.. Is this still an issue w/ xorg? yes, indeed I have enabled trusted path execution of grsecurity. xorg-x11 has the same problem: ./config/imake/imake -I./config/cf -s ./config/makedepend/Makefile.proto -f ./config/makedepend/Imakefile -DTOPDIR=../.. -DCURDIR=./config/makedepend sh: /var/tmp/portage/xorg-x11-6.8.0-r3/temp/imakeqHBNcj: Permission denied make[1]: *** [config/makedepend/Makefile.proto] Aborted (core dumped) make[1]: *** Deleting file `config/makedepend/Makefile.proto' make[1]: Leaving directory `/home/tmp/portage/xorg-x11-6.8.0-r3/work/xc' make: *** [World] Error 2 !!! ERROR: x11-base/xorg-x11-6.8.0-r3 failed. !!! Function src_compile, Line 624, Exitcode 2 :( and BTW: disabling sandboxing stuff makes it compile just fine. I suggest you file a bug at bugs.freedesktop.org on this, and post the URL here once you do. hmm and wouldnt it be more feasible to give a warning or error when TPE is enabled (question is how to properly detect it when sysctl is not used) together with sandboxing features of emerge ? Marking upstream for source compatibility. If you'd like to attach an ebuild patch to check for TPE etc and warn about it, then reopen the bug, that could work. Is this still an issue with current X versions? |