Hi, A new version of paxtest is available (0.9.9), the latest ebuild in the tree is for 0.9.7_pre5 and it would be nice to have the new one available via portage :). Source code for the new version is available here: http://grsecurity.net/~spender/paxtest-0.9.9.tgz I tried to create a new ebuild locally and I've used the previous one as a starting point which worked fine apart from QA message below (tested on amd64 only): * QA Notice: Files built without respecting LDFLAGS have been detected * Please include the following list of files in your report: * /usr/lib64/paxtest/anonmap * /usr/lib64/paxtest/execbss * /usr/lib64/paxtest/execdata * /usr/lib64/paxtest/execheap * /usr/lib64/paxtest/execstack * /usr/lib64/paxtest/getamap * /usr/lib64/paxtest/getheap1 * /usr/lib64/paxtest/getheap2 * /usr/lib64/paxtest/getmain1 * /usr/lib64/paxtest/getmain2 * /usr/lib64/paxtest/getshlib * /usr/lib64/paxtest/getstack1 * /usr/lib64/paxtest/getstack2 * /usr/lib64/paxtest/mprotanon * /usr/lib64/paxtest/mprotbss * /usr/lib64/paxtest/mprotdata * /usr/lib64/paxtest/mprotheap * /usr/lib64/paxtest/mprotshbss * /usr/lib64/paxtest/mprotshdata * /usr/lib64/paxtest/mprotstack * /usr/lib64/paxtest/randamap * /usr/lib64/paxtest/randheap1 * /usr/lib64/paxtest/randheap2 * /usr/lib64/paxtest/randmain1 * /usr/lib64/paxtest/randmain2 * /usr/lib64/paxtest/randshlib * /usr/lib64/paxtest/randstack1 * /usr/lib64/paxtest/randstack2 * /usr/lib64/paxtest/rettofunc1 * /usr/lib64/paxtest/rettofunc1x * /usr/lib64/paxtest/rettofunc2 * /usr/lib64/paxtest/rettofunc2x * /usr/lib64/paxtest/shlibbss * /usr/lib64/paxtest/shlibdata * /usr/lib64/paxtest/shlibtest.so * /usr/lib64/paxtest/shlibtest2.so * /usr/lib64/paxtest/writetext which seems to be due to my LDFLAGS including '--hash-style=gnu' (LDFLAGS="-Wl,-O1 -Wl,--sort-common,--warn-once,--hash-style=gnu"). When compiled without '--hash-style' option, no QA messages are reported. Unfortunately I don't know how this should be fixed properly... Reproducible: Always Steps to Reproduce: 1. download http://grsecurity.net/~spender/paxtest-0.9.9.tgz 2. unpack, compile, run and enjoy! ;) Expected Results: paxtest-0.9.9.ebuild in the tree :)
Created attachment 238255 [details] Ebuild @solar: I wrote an ebuild for this and tested. Should I put it up on the tree?
Created attachment 238257 [details, diff] Replace -O2 with imported CFLAGS
adding to tree?
(In reply to comment #3) > adding to tree? > > Solar is the maintainer, I did the leg work, but I will not add to the tree without his blessing.
(In reply to comment #4) > Solar is the maintainer, I did the leg work, but I will not add to the tree > without his blessing. Blessing granted. When you bump the pkg. Please set the maintainer to hardened@ or blueness@ Thanks in advance.
In the tree. See also bug #331599.