issues with hlfs svn-20051102

Robert Connolly robert at linuxfromscratch.org
Sun Nov 6 16:35:58 PST 2005


Thanks. I fixed the procps and shadow xml pages. I also messed up the procps 
patch. I just sent a new one to patches at . To fix it temporarily just 
reinstall procps without the patch (it just means -fpie won't get used). You 
should not need to run paxctl on /bin/ps.

robert

On November 6, 2005 03:57 am, Tobias Stoeckmann wrote:
> Hi,
>
> during compilation of HLFS SVN-20051102 I had following issues:
>
> --- procps.xml~ Sun Nov  6 09:35:32 2005
> +++ procps.xml  Sun Nov  6 09:35:37 2005
> @@ -30,7 +30,7 @@
>
>  <para>Apply a patch to ... EDIT ME</para>
>
> -<screen><userinput>patch -Np1 -i
> ../procps-3.2.5-hardened_cflags-1.patch</userinput></screen>
> +<screen><userinput>patch -Np1 -i
> ../procps-3.2.6-hardened_cflags-1.patch</userinput></screen>
>
>  <para>Compile the package:</para>
>
> (obvious one: patch name should be increased)
>
> --- shadow.xml~ Sun Nov  6 09:34:23 2005
> +++ shadow.xml  Sun Nov  6 09:34:15 2005
> @@ -82,7 +82,7 @@
>
>  <screen><userinput>sed -e's@#MD5_CRYPT_ENAB.no at MD5_CRYPT_ENAB yes@' \
>      -e 's@/var/spool/mail@/var/mail@' \
> -    etc/login.defs.linux > etc/login.defs.new
> +    etc/login.defs > etc/login.defs.new
>  install -m644 etc/login.defs.new /etc/login.defs</userinput></screen>
>
>  <para>Move a misplaced program to its proper location:</para>
>
> (in the latest shadow package there is no login.defs.linux anymore)
>
>
> I have activated all grsecurity options in kernel, except
>
> * auditing options
> * CONFIG_PAX_SOFTMODE
> * CONFIG_PAX_EI_PAX
> * CONFIG_PAX_EMUTRAMP
> * CONFIG_GRKERNSEC_TPE_ALL
> * CONFIG_GRKERNSEC_KMEM
> * CONFIG_GRKERNSEC_IO
> (i.e. I left out the options that were noted as "should not" in the book)
>
> When I try to execute /bin/ps with this kernel I get:
>
> ps: error while loading shared libraries: cannot make segment writable for
> relocation: Permission denied
>
> I had to disable MPROTECT with paxctl for /bin/ps:
>
> # paxctl -m /bin/ps
>
>
> Tobias Stoeckmann



More information about the hlfs-dev mailing list