2013.Május 29.(Sze) 03:29 időpontban Anthony G. Basile ezt írta: > On 05/28/2013 07:46 PM, "Tóth Attila" wrote: >> If PT_PAX has E, python2.7 would not start on my system. >> Let's correct that: >> paxctl-ng -e /usr/bin/python2.7 >> >> Now python works again. > > Something changed in the latest python upgrades because I'm having > problems of a different nature. I'll have to investigate. >
I wanted the community to know, that the situation looks scary for the first time, but there's an easy fix. In case anybody else runs into this. >> >> Sidenote: >> Even after running migrate-pax -m, there are binaries on the system >> having >> only PT_PAX marking. Example: >> migrate-pax -m >> paxctl-ng -v /usr/bin/clear >> /usr/bin/clear: >> PT_PAX : -e--- >> XATTR_PAX : not found >> > > Unfortunately it is very difficult to find everything that links against > everything on a system. First there's just a simple logistic problem, > going through all ELF on a system and running ldd (or readelf -d) is > time consuming and likely to miss stuff. On gentoo with portage (not > paludis!) we have linkage info in NEEDED.ELF.2 in vdb created at build > time by examing linkage info, but this also can't be everything. > Consider plugins that dlopen-ed at runtime. > > So something will be missed. Is there an easy command I can use to list binaries having PT_PAX flags and missing XATTR_PAX flags? > > BUT! > > That's not what's happening there. No XATTR_PAX flags implies the > default markings which is "-e---". This is so we don't have to go > around creating xattrs on every ELF binary on your system just to get > the default. Upstream wanted it that way and it does make sense. According to my recent experience, if EMUTRAMP is enabled by a PT_PAX flag and there's no XATTR_PAX flag present, the system will listen to the PT_PAX flag. Can I influence this behavior to rather use the mentioned XATTR_PAX default and don't pay attention to the PT_PAX flag? Thanks: Dw. -- dr Tóth Attila, Radiológus, 06-20-825-8057 Attila Toth MD, Radiologist, +36-20-825-8057
