More errata. On 170114-13:06+0100, Miroslav Rovis wrote: > On 170113-23:50+0100, Miroslav Rovis wrote: ... > > The (gzip'ed) virt-viewer-5.0-r1.ebuild is included for completeness, and to > demonstrate the issue awaiting Gentoo, and any other distro with a > non-poetterware offer, in the future. > > I patched it by placing the patch:
( in the slightly wrong way, because it would try to patch that 3.1-r1
version, not just the 5.0-r1 version )
> gtk+-2_revert.patch
>
> like this:
>
> # ls -lRa /etc/portage/patches/app-emulation/
> /etc/portage/patches/app-emulation/:
> total 12
> drwxr-xr-x 3 portage portage 4096 2017-01-13 10:24 .
> drwxr-xr-x 7 portage portage 4096 2017-01-13 10:24 ..
> drwxr-xr-x 2 portage portage 4096 2017-01-14 09:21 virt-viewer
>
> /etc/portage/patches/app-emulation/virt-viewer:
> total 20
> drwxr-xr-x 2 portage portage 4096 2017-01-14 09:21 .
> drwxr-xr-x 3 portage portage 4096 2017-01-13 10:24 ..
> -rw-r--r-- 1 portage portage 12189 2017-01-13 17:33 gtk+-2_revert.patch
> #
The right way is (with the same patch):
# ls -lRa /etc/portage/patches/app-emulation/
/etc/portage/patches/app-emulation/:
total 12
drwxr-xr-x 3 portage portage 4096 2017-01-13 10:24 .
drwxr-xr-x 7 portage portage 4096 2017-01-13 10:24 ..
drwxr-xr-x 2 portage portage 4096 2017-01-14 09:21 virt-viewer
/etc/portage/patches/app-emulation/virt-viewer-5.0:
total 20
drwxr-xr-x 2 portage portage 4096 2017-01-14 09:21 .
drwxr-xr-x 3 portage portage 4096 2017-01-13 10:24 ..
-rw-r--r-- 1 portage portage 12189 2017-01-13 17:33 gtk+-2_revert.patch
#
where notice the change in this line:
/etc/portage/patches/app-emulation/virt-viewer-5.0:
^ ^ ^ ^ ^ ^ ^ ^
and that does not try to patch 3.1-r1
...
And with regard to this:
> but it was still to no avail, because they are starting to implement the new
> API of GTK3, and the GTK2, which in Gentoo and in some other distros is kept
> so dbus is not a dependency, don't have those new calls, functions et cetera.
>
> If anybody is interested, I attach the install log:
>
> app-emulation_virt-viewer-5.0-r1_20170113-164725.log.gz
> (that's from /var/log/portage, just I replaced the : with _)
>
> where it's easy to spot lines like:
>
> virt-viewer-app.h:47:5: error: unknown type name 'GtkApplicationClass'
>
> because the new API is missing in GTK2. And the package virt-viewer cannot
> possibly compile.
>
you can read in the changelog of the source of virt-viewer-5.0, if you
unpack the virt-viewer-5.0.tar.gz, these lines:
/usr/portage/distfiles/virt-viewer-5.0.tar.gz
virt-viewer-5.0/ChangeLog :
[...]
2016-02-15 Fabiano FidĂȘncio <[email protected]>
Drop support to gtk2
The 3.0 release was the last one that still supports GTK2. For the
Windows builds the support to GTK2 was dropped in the previous release.
Let's do the same for the entire project now.
2016-02-15 Pavel Grunt <[email protected]>
display: Use correct variable name
Fix gtk2 build
[...]
All that means more work for our developers, since I don't believe that
the dbus useflag would be invalidated to impose dbus on Gentoo users,
and if anybody knows that GTK3 might ever in the future drop dependency
to dbus, pls. do tell us!
Otherwise, I was able to follow my tip "GUI-less (non-dbus) virt-manager
(to run Tails in Gentoo)" and the attachments thereof to install all
correctly in my Air-Gapped.
But I want to try and install Tails into, and later run it form, either
real or virtual USB storage, and of course, with persistent volume
available, which will all take me more familiarizing with all these
virtualization tools and ways.
The problem is, and it's my grsecurity hardened kernel that's logging it
in my syslog, the installed virtual machine tails domain keeps trying to
connect to, I guess tor nodes, by inexistent, or fake should I say,
subjects, have a look (it's verbose, but it's complete information about
this segment, along with the information that it is what has been
happening consistently for all these hours since the installation, of
course, the IP addresses of the presumed nodes varying all the time as
well):
Jan 14 21:30:01 g0n kernel: [358997.592199] grsec: (root:U:/) exec of
/usr/bin/find (find /var/spool/cron/lastrun -name cron.daily -cmin +1445
-exec rm {} ; ) by /usr/bin/find[run-crons:22618] uid/euid:0/0
gid/egid:0/0, parent /usr/sbin/run-crons[run-crons:22614] uid/euid:0/0
gid/egid:0/0
[721 lines cut]
Jan 14 21:30:44 g0n kernel: [359041.239800] grsec: (miro:U:/) denied
connect() to 81.7.16.59 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:31:49 g0n kernel: [359106.109822] grsec: (miro:U:/) denied
connect() to 81.7.16.59 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:31:49 g0n kernel: [359106.116131] grsec: (miro:U:/) denied
connect() to 87.50.53.32 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:31:50 g0n kernel: [359107.107501] grsec: (miro:U:/) denied
connect() to 81.7.16.59 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:31:50 g0n kernel: [359107.115523] grsec: (miro:U:/) denied
connect() to 87.50.53.32 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:31:52 g0n kernel: [359109.111597] grsec: more alerts, logging
disabled for 10 seconds
Jan 14 21:32:04 g0n kernel: [359121.143517] grsec: (miro:U:/) denied
connect() to 81.7.16.59 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:32:04 g0n kernel: [359121.143729] grsec: (miro:U:/) denied
connect() to 87.50.53.32 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:32:20 g0n kernel: [359137.175675] grsec: (miro:U:/) denied
connect() to 81.7.16.59 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:32:20 g0n kernel: [359137.176224] grsec: (miro:U:/) denied
connect() to 87.50.53.32 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:32:52 g0n kernel: [359169.239772] grsec: (miro:U:/) denied
connect() to 81.7.16.59 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:32:52 g0n kernel: [359169.240334] grsec: (miro:U:/) denied
connect() to 87.50.53.32 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:33:57 g0n kernel: [359234.113590] grsec: (miro:U:/) denied
connect() to 81.7.11.154 port 80 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:33:58 g0n kernel: [359235.111410] grsec: (miro:U:/) denied
connect() to 81.7.11.154 port 80 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:34:00 g0n kernel: [359237.115646] grsec: (miro:U:/) denied
connect() to 81.7.11.154 port 80 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:34:04 g0n kernel: [359241.127711] grsec: (miro:U:/) denied
connect() to 81.7.11.154 port 80 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:34:12 g0n kernel: [359249.143691] grsec: (miro:U:/) denied
connect() to 81.7.11.154 port 80 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:34:28 g0n kernel: [359265.175692] grsec: (miro:U:/) denied
connect() to 81.7.11.154 port 80 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:35:00 g0n kernel: [359297.239737] grsec: (miro:U:/) denied
connect() to 81.7.11.154 port 80 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:36:05 g0n kernel: [359362.115614] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:36:06 g0n kernel: [359363.115468] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:36:08 g0n kernel: [359365.119719] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:36:12 g0n kernel: [359369.127756] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:36:20 g0n kernel: [359377.143512] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:36:36 g0n kernel: [359393.175768] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:37:08 g0n kernel: [359425.239710] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:13 g0n kernel: [359490.109863] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:13 g0n kernel: [359490.116482] grsec: (miro:U:/) denied
connect() to 176.104.106.208 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:13 g0n kernel: [359490.120103] grsec: (miro:U:/) denied
connect() to 138.201.143.186 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:14 g0n kernel: [359491.107470] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:14 g0n kernel: [359491.115411] grsec: more alerts, logging
disabled for 10 seconds
Jan 14 21:38:28 g0n kernel: [359505.143856] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:28 g0n kernel: [359505.144367] grsec: (miro:U:/) denied
connect() to 176.104.106.208 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:28 g0n kernel: [359505.144683] grsec: (miro:U:/) denied
connect() to 138.201.143.186 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:44 g0n kernel: [359521.175737] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:44 g0n kernel: [359521.176210] grsec: (miro:U:/) denied
connect() to 176.104.106.208 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:38:44 g0n kernel: [359521.176561] grsec: (miro:U:/) denied
connect() to 138.201.143.186 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:39:16 g0n kernel: [359553.239487] grsec: (miro:U:/) denied
connect() to 82.168.14.146 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:39:16 g0n kernel: [359553.239684] grsec: (miro:U:/) denied
connect() to 176.104.106.208 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:39:16 g0n kernel: [359553.239770] grsec: (miro:U:/) denied
connect() to 138.201.143.186 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:40:01 g0n kernel: [359597.629894] grsec:
(root:U:/usr/sbin/crond) chdir to /root by /usr/sbin/crond[crond:22668]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/crond[crond:3636]
uid/euid:0/0 gid/egid:0/0
[124 lines cut]
Jan 14 21:40:21 g0n kernel: [359618.120247] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:40:22 g0n kernel: [359619.119647] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:40:24 g0n kernel: [359621.123691] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:40:28 g0n kernel: [359625.127686] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:40:36 g0n kernel: [359633.143747] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:40:52 g0n kernel: [359649.175736] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:41:24 g0n kernel: [359681.239728] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:42:29 g0n kernel: [359746.102911] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:42:29 g0n kernel: [359746.110479] grsec: (miro:U:/) denied
connect() to 193.200.241.195 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:42:30 g0n kernel: [359747.099633] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:42:30 g0n kernel: [359747.107504] grsec: (miro:U:/) denied
connect() to 193.200.241.195 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:42:32 g0n kernel: [359749.103562] grsec: more alerts, logging
disabled for 10 seconds
Jan 14 21:42:44 g0n kernel: [359761.127733] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:42:44 g0n kernel: [359761.143736] grsec: (miro:U:/) denied
connect() to 193.200.241.195 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:43:00 g0n kernel: [359777.175676] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:43:00 g0n kernel: [359777.176210] grsec: (miro:U:/) denied
connect() to 193.200.241.195 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:43:32 g0n kernel: [359809.239509] grsec: (miro:U:/) denied
connect() to 213.246.56.79 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:43:32 g0n kernel: [359809.239698] grsec: (miro:U:/) denied
connect() to 193.200.241.195 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:44:37 g0n kernel: [359874.113657] grsec: (miro:U:/) denied
connect() to 88.86.102.163 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:44:38 g0n kernel: [359875.111493] grsec: (miro:U:/) denied
connect() to 88.86.102.163 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:44:40 g0n kernel: [359877.115579] grsec: (miro:U:/) denied
connect() to 88.86.102.163 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:44:44 g0n kernel: [359881.127699] grsec: (miro:U:/) denied
connect() to 88.86.102.163 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:44:52 g0n kernel: [359889.143540] grsec: (miro:U:/) denied
connect() to 88.86.102.163 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:45:08 g0n kernel: [359905.175566] grsec: (miro:U:/) denied
connect() to 88.86.102.163 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:45:40 g0n kernel: [359937.239498] grsec: (miro:U:/) denied
connect() to 88.86.102.163 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:46:45 g0n kernel: [360002.113731] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:46:46 g0n kernel: [360003.111509] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:46:48 g0n kernel: [360005.115694] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:46:52 g0n kernel: [360009.127499] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:47:00 g0n kernel: [360017.143767] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:47:16 g0n kernel: [360033.175541] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:47:47 g0n kernel: [360064.111102] grsec: (miro:U:/) denied
connect() to 46.19.93.212 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:47:48 g0n kernel: [360065.111713] grsec: (miro:U:/) denied
connect() to 46.19.93.212 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:47:48 g0n kernel: [360065.239483] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:47:50 g0n kernel: [360067.115705] grsec: (miro:U:/) denied
connect() to 46.19.93.212 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:47:54 g0n kernel: [360071.127453] grsec: more alerts, logging
disabled for 10 seconds
Jan 14 21:48:18 g0n kernel: [360095.191532] grsec: (miro:U:/) denied
connect() to 46.19.93.212 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:48:50 g0n kernel: [360127.255502] grsec: (miro:U:/) denied
connect() to 46.19.93.212 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:48:53 g0n kernel: [360130.105320] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:48:54 g0n kernel: [360131.103456] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:48:56 g0n kernel: [360133.107721] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:49:00 g0n kernel: [360137.111689] grsec: more alerts, logging
disabled for 10 seconds
Jan 14 21:49:24 g0n kernel: [360161.175498] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:49:55 g0n kernel: [360192.112941] grsec: (miro:U:/) denied
connect() to 94.23.144.49 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:49:56 g0n kernel: [360193.111515] grsec: (miro:U:/) denied
connect() to 94.23.144.49 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:49:56 g0n kernel: [360193.239778] grsec: (miro:U:/) denied
connect() to 163.172.201.62 port 443 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:49:58 g0n kernel: [360195.115783] grsec: (miro:U:/) denied
connect() to 94.23.144.49 port 9001 sock type stream protocol tcp by
/var/tmp/portage/app-emulation/qemu-2.8.0/image/usr/bin/qemu-system-x86_64[CPU
0/KVM:5447] uid/euid:1000/1000 gid/egid:1000/1000, parent
/sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jan 14 21:50:01 g0n kernel: [360197.679030] grsec:
(root:U:/usr/sbin/crond) chdir to /root by /usr/sbin/crond[crond:22717]
uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/crond[crond:3636]
uid/euid:0/0 gid/egid:0/0
[76 lines cut]
Jan 14 21:50:02 g0n kernel: [360199.127671] grsec: more alerts, logging
disabled for 10 seconds
This line shows how verbose the exec_logging is. exec_logging is a
feature of grsecurity. verbose it is because just the every 10 minutes
each hour routine run of the crond takes, as you can see above 78 lines
(of which I cut 76 out).
However, pls. notice that what I have left in that app-emulation
directory of /var/tmp/portage is as follows:
# ls -l /var/tmp/portage/app-emulation/
total 4
drwxr-xr-x 7 portage portage 4096 2017-01-13 17:48 virt-viewer-5.0-r1
# ls -l /var/tmp/portage/app-emulation/virt-viewer-5.0-r1/
total 20
drwxr-xr-x 2 portage portage 4096 2017-01-13 17:47 build-info
drwxr-xr-x 2 root portage 4096 2017-01-13 17:47 distdir
drwxr-xr-x 5 portage portage 4096 2017-01-13 17:47 homedir
drwxr-xr-x 4 portage portage 4096 2017-01-13 17:48 temp
#
and that the 82 times repeated in the logs:
/var/tmp/portage/app-emulation/qemu-2.8.0/
does not exist. So it's a bug, isn't it?
Just to add, nothing whatsoever shows in the network trace, taken by
tcpdump, there is nothing in the network, tcp or ip layer whatsoever of
any of those in the logs, probably because grsecurity blocks them,
although I was offline all this time, none of the nodes could have been
reachable (but while I was installing glibc, the tcpdump recorded
attempts to download glibc-2.23-patches-7.tar.bz2 from the local mirror
which also wasn't set up at the time!).
And I think I first need to ask about it on the https://forums.grsecurity.net .
Pls. notice that the /sys filesystem is often played with by
virtulization people with "very little oversight with an eye toward
security":
https://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Sysfs.2Fdebugfs_restriction
, and that they seem to require now the complete freedom in the /sys
pseudo filesystem, as the apparent resolution of the bug:
=sys-kernel/hardened-sources-4.7.6: Kernel panic when starting KVM guests
https://bugs.gentoo.org/show_bug.cgi?id=597554#c72
shows to be the case.
Also, I don't want to go online without grsecurity GRADM protection, and
I had to disable it, else I couldn't start the tails domain VM :-(
yesterday.
And that means more work/study. GRADM policies are far from always easy
to deploy! Not for a non-expert like me...
--
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr
signature.asc
Description: Digital signature
