issues with hlfs svn-20051102

Tobias Stoeckmann tobias at
Sun Nov 6 00:57:20 PST 2005


during compilation of HLFS SVN-20051102 I had following issues:

--- procps.xml~ Sun Nov  6 09:35:32 2005
+++ procps.xml  Sun Nov  6 09:35:37 2005
@@ -30,7 +30,7 @@

 <para>Apply a patch to ... EDIT ME</para>

-<screen><userinput>patch -Np1 -i ../procps-3.2.5-hardened_cflags-1.patch</userinput></screen>
+<screen><userinput>patch -Np1 -i ../procps-3.2.6-hardened_cflags-1.patch</userinput></screen>

 <para>Compile the package:</para>

(obvious one: patch name should be increased)

--- shadow.xml~ Sun Nov  6 09:34:23 2005
+++ shadow.xml  Sun Nov  6 09:34:15 2005
@@ -82,7 +82,7 @@

 <screen><userinput>sed -e' at MD5_CRYPT_ENAB yes@' \
     -e 's@/var/spool/mail@/var/mail@' \
-    etc/login.defs.linux > etc/
+    etc/login.defs > etc/
 install -m644 etc/ /etc/login.defs</userinput></screen>

 <para>Move a misplaced program to its proper location:</para>

(in the latest shadow package there is no login.defs.linux anymore)

I have activated all grsecurity options in kernel, except

* auditing options
(i.e. I left out the options that were noted as "should not" in the book)

When I try to execute /bin/ps with this kernel I get:

ps: error while loading shared libraries: cannot make segment writable for relocation: Permission denied

I had to disable MPROTECT with paxctl for /bin/ps:

# paxctl -m /bin/ps

Tobias Stoeckmann

More information about the hlfs-dev mailing list