*** Trying the 'monolite' directory. make[7]: Entering directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' make[8]: Entering directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' file /var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mono/mini/mono does not have a PT_PAX_FLAGS program header, try conversion make[8]: *** [build/deps/basic-profile-check.exe] Segmentation fault make[8]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' make[8]: Entering directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' *** The contents of your 'monolite' directory may be out-of-date *** You may want to try 'make get-monolite-latest' make[8]: *** [do-profile-check-monolite] Error 1 make[8]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' make[7]: *** [do-profile-check] Error 2 make[7]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' make[6]: *** [do-profile-check-monolite] Error 2 make[6]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' make[5]: *** [do-profile-check] Error 2 make[5]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' make[4]: *** [profile-do--basic--all] Error 2 make[4]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' make[3]: *** [profiles-do--all] Error 2 make[3]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/mcs' make[2]: *** [all-local] Error 2 make[2]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9/runtime' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9' make: *** [all] Error 2 * ERROR: dev-lang/mono-2.10.9-r2 failed (compile phase): * emake failed * * If you need support, post the output of `emerge --info '=dev-lang/mono-2.10.9-r2'`, * the complete build log and the output of `emerge -pqv '=dev-lang/mono-2.10.9-r2'`. * The complete build log is located at '/var/tmp/portage/dev-lang/mono-2.10.9-r2/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/dev-lang/mono-2.10.9-r2/temp/environment'. * Working directory: '/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9' * S: '/var/tmp/portage/dev-lang/mono-2.10.9-r2/work/mono-2.10.9' >>> Failed to emerge dev-lang/mono-2.10.9-r2, Log file: After replacing: sed '/exec/ i\paxctl -mr "$r/@mono_runtime@"' -i "${S}"/runtime/mono-wrapper.in with: sed '/exec/ i\paxctl-ng -mr "$r/@mono_runtime@"' -i "${S}"/runtime/mono-wrapper.in in ebuild it emerges. Reproducible: Always
What is paxctl-ng?
it's part of sys-apps/elfix package, it's utility which can store pax flags in user.pax.flags xattr attribute, (it also can set elf pax flags if necessary) to know more about xattr pax flags take a look at: http://www.gentoo.org/proj/en/hardened/pax-migrate-xattr.xml
Created attachment 349152 [details, diff] ebuild patch paxmark.sh was introduced with latest pypax (dev-python/pypax-0.8.3) to be used as script which automatically decides to what utility use to paxmark stuff in cases where pax-utils eclass cannot be used. It emerges fine with attached patch.
Could you provide a patch for 3.0.7 also? @hardened team, are you ok with using this utility for pax marking?
(In reply to Pacho Ramos from comment #4) > Could you provide a patch for 3.0.7 also? @hardened team, are you ok with > using this utility for pax marking? I'm okay with use of paxmark.sh for pax marking when we can't use the eclass
Created attachment 349364 [details, diff] ebuild patch for mono-3.0.7 Here is patch for 3.0.7. It emerges fine with it, without it fails.
If any from hardened team has a bit of time to commit, please feel free (I will do when I am able to )
only 2.x is touched by this now (3.2.8 is using paxctl-ng now). 2.10.9-r2 is now fixed as well, closing :D