I've had to drop the 'Disallow ELF text relocations' option due to
problems with MySQL, so I think you will be saving yourself some trouble
by going ahead and disabling it. It does some whacky things with compiles,
too.

just my 2 cents.. ;)

> hi everyone,
>
> I've been using grsecurity patches in a production box since January.
> A couple of days ago, I had to reboot and found out that apache2 wouldn't
> start. It couldn't start the php module (4.3.11 compiled the day before).
> mod_php 4.3.10 was compiled on December 19 and worked fine even with
> grsecurity.
>
> gw root # /etc/init.d/apache2 restart
>  * Apache2 has detected a syntax error in your configuration files:
> Syntax error on line 6 of /usr/lib/apache2/conf/modules.d/70_mod_php.conf:
> Cannot load /usr/lib/apache2/extramodules/libphp4.so into
> server: /usr/lib/apache2/extramodules/libphp4.so: cannot make segment
> writable for relocation: Permission denied
> gw root #
>
> After some quick googling, I found this issue to be related to a PAX kernel
> option that I have enabled:
> (http://www.gentoo.org/proj/en/hardened/hardenedfaq.xml?style=printable#paxnoelf)
>
> This apache2 mod_php module code may be killed by the kernel's PAX features,
> but what puzzles me is that the old one (4.3.10) worked fine in the same
> environment. The help text indicates that this could be the result of
> misbehaving assembly code... in mod_php??
>
> After that, I tried
> chpax -m /usr/sbin/apache2 /usr/lib/apache2/extramodules/libphp4.so
> and even further with chpax -pmrs to the same files. No luck. What can be
> going on here?
>
> I tried recompiling the mod_php module but of course, no luck.
>
> Any help?? I'd like to keep mprotect() restricted but with an exception for
> mod_php... is this possible?
>
> regards,
> pedro venda.
>
> p.s.: this is the second time I'm sending this, I didn't get it back and it
> didn't appear in the list archives.
> --
>
> Pedro João Lopes Venda
> email: pjlv < at > mega.ist.utl.pt
> http://arrakis.dhis.org
>


-- 
[email protected] mailing list
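
An added example, not part of either message or of any project's code: the "cannot make segment writable for relocation" error in the thread is what the dynamic loader reports for an object that requests text relocations, so one way to see which modules on a box would trip the PaX option is to check each ELF file's dynamic section for `DT_TEXTREL` or the `DF_TEXTREL` flag. The function names and the sample builder below are hypothetical, and the sample image is constructed for the test.

```python
import struct
import sys

PT_DYNAMIC, DT_NULL, DT_TEXTREL, DT_FLAGS, DF_TEXTREL = 2, 0, 22, 30, 0x4

def has_textrel(data: bytes) -> bool:
    """Return True if an ELF image's dynamic section asks for text relocations."""
    if data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("not an ELF image")
    is64 = data[4] == 2                     # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"      # EI_DATA: 1 = little, 2 = big endian
    if is64:
        (phoff,) = struct.unpack_from(end + "Q", data, 32)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 54)
    else:
        (phoff,) = struct.unpack_from(end + "I", data, 28)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 42)
    dyn_fmt = end + ("qQ" if is64 else "iI")  # Elf64_Dyn / Elf32_Dyn: d_tag, d_val
    dyn_size = struct.calcsize(dyn_fmt)
    for i in range(phnum):
        base = phoff + i * phentsize
        if is64:
            p_type, _, p_off, _, _, p_filesz = struct.unpack_from(end + "IIQQQQ", data, base)
        else:
            p_type, p_off, _, _, p_filesz = struct.unpack_from(end + "IIIII", data, base)
        if p_type != PT_DYNAMIC:
            continue
        for off in range(p_off, p_off + p_filesz - dyn_size + 1, dyn_size):
            tag, val = struct.unpack_from(dyn_fmt, data, off)
            if tag == DT_NULL:
                break
            if tag == DT_TEXTREL or (tag == DT_FLAGS and val & DF_TEXTREL):
                return True
    return False

def make_sample(entries):
    """Constructed test input: minimal ELF32 LE header, one PT_DYNAMIC phdr, dynamic array."""
    dyn = b"".join(struct.pack("<iI", t, v) for t, v in list(entries) + [(DT_NULL, 0)])
    ehdr = b"\x7fELF\x01\x01\x01" + bytes(9) + struct.pack(
        "<HHIIIIIHHHHHH", 3, 3, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_DYNAMIC, 84, 0, 0, len(dyn), len(dyn), 6, 4)
    return ehdr + phdr + dyn

if __name__ == "__main__":
    for path in sys.argv[1:]:               # e.g. the module named in the error
        with open(path, "rb") as fh:
            print(path, "TEXTREL" if has_textrel(fh.read()) else "clean")
```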
