Re: [gentoo-user] Failed to set XATTR_PAX markings -me

2017-02-03 Thread thelma
[snip] >> > > The openoffice-bin ebuild makes use of the pax-utils package. Do you > have it installed? > > /usr/portage/app-office/openoffice-bin/openoffice-bin-4.1.2.ebuild:7 > inherit eutils fdo-mime gnome2-utils pax-utils prefix rpm multilib > > /usr/por

Re: [gentoo-user] Can't update pax-utils to 0.5 because of genkernel block.

2013-04-12 Thread Stroller
-misc/pax-utils-0.5::gentoo, ebuild scheduled for merge) pulled in by =app-misc/pax-utils-0.1.17 required by (sys-apps/portage-2.1.11.60::gentoo, installed) =app-misc/pax-utils-0.1.19 required by (sys-apps/sandbox-2.5::gentoo, installed) =app-misc/pax-utils-0.1.10 required by (sys

Re: [gentoo-user] Failed to set XATTR_PAX markings -me

2017-02-03 Thread Alexander Kapshuk
On Fri, Feb 3, 2017 at 7:18 PM, <the...@sys-concept.com> wrote: > > [snip] >>> >> >> The openoffice-bin ebuild makes use of the pax-utils package. Do you >> have it installed? >> >> /usr/portage/app-office/openoffice-bin/openoffice-bin-4.1.2.e

[gentoo-user] Can't update pax-utils to 0.5 because of genkernel block.

2013-04-11 Thread Mateusz Kowalczyk
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Trying to update my (fairly fresh install) system, I stumbled upon a package block. Nothing unusual except that I get the following: - - Calculating dependencies... done! [ebuild U ] app-misc/pax-utils-0.5 [0.4] USE=-caps 79 kB [blocks B

Re: [gentoo-user] lzma archives

2008-11-08 Thread Joerg Schilling
Nicolas Sebrecht [EMAIL PROTECTED] wrote: On Fri, Nov 07, 2008 at 11:46:30AM +0100, Joerg Schilling wrote: SUSv2 is the latest standard that includes tar. And we should use pax instead of tar looking to SUSv3. Not sure pax can internaly deal with lzma file format. There are many pax

Re: [gentoo-user] lzma archives

2008-11-08 Thread Joerg Schilling
Nicolas Sebrecht [EMAIL PROTECTED] wrote: On Sat, Nov 08, 2008 at 08:00:38PM +0100, Joerg Schilling wrote: There are many pax implementations and the pax implementation that is usually seen on Linux is based on GNU cpio. Weird. The implementation that I've ever seen on Linux

Re: [gentoo-user] lzma archives

2008-11-07 Thread Nicolas Sebrecht
On Fri, Nov 07, 2008 at 11:46:30AM +0100, Joerg Schilling wrote: SUSv2 is the latest standard that includes tar. And we should use pax instead of tar looking to SUSv3. Not sure pax can internaly deal with lzma file format. -- Nicolas Sebrecht

Re: [gentoo-user] lzma archives

2008-11-08 Thread Nicolas Sebrecht
On Sat, Nov 08, 2008 at 08:00:38PM +0100, Joerg Schilling wrote: There are many pax implementations and the pax implementation that is usually seen on Linux is based on GNU cpio. Weird. The implementation that I've ever seen on Linux platforms is the BSD one. -- Nicolas Sebrecht

Re: [gentoo-user] Failed to set XATTR_PAX markings -me

2017-02-03 Thread thelma
Thelma On 02/03/2017 10:31 AM, Alexander Kapshuk wrote: > On Fri, Feb 3, 2017 at 7:18 PM, <the...@sys-concept.com> wrote: >> >> [snip] >>>> >>> >>> The openoffice-bin ebuild makes use of the pax-utils package. Do you >>> have

[gentoo-user] Re: Choosing between system profiles: hardened and desktop for desktop installation.

2017-07-07 Thread Martin Vaeth
R0b0t1 <r03...@gmail.com> wrote: > > https://wiki.gentoo.org/wiki/Hardened_Gentoo > > The hardened profile still sets PaX and a slew of toolchain options. Yes. But marking binaries for pax if you don't use a kernel with pax is pointless. And whether you use the hardened toolchai

Re: [gentoo-user] [solved] Emerge dev-java/ant-core-1.6.5-r13 failed

2006-07-12 Thread Michael Decker
I've forgot to set the right PaX attributes: http://www.gentoo.org/proj/en/hardened/hardenedfaq.xml?style=printable#paxjava Bye, Michael -- gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Is there a DEP (Data Execution Protection) option for Gentoo?

2006-03-26 Thread Heiko Wundram
Am Montag 27 März 2006 06:29 schrieb Walter Dnes: The subject says it all. I've done some spelunking through /usr/src/linux/.config, and I don't see anything relavant. It's a kernel patch called PAX, and Gentoo offers hardened-sources which incorporate this kernel patch. Google for Gentoo

[gentoo-user] Help interpreting firefox e-log message

2010-08-12 Thread Kevin O'Gorman
Firefox just re-emerged. I dunno why, but it's usually benign. But I get this message. LOG: install Fallback PaX marking -m /var/tmp/portage/www-client/firefox-3.6.8/image///usr/lib/mozilla-firefox/firefox LOG: postinst What in the world does this mean? pax is not in flagedit. I

[gentoo-user] all digest files missing for portage update after rsync with local server

2007-03-24 Thread de Almeida, Valmor F.
] for all packages. -emerge --pretend --verbose portage These are the packages that I would merge, in order: Calculating dependencies ...done! [ebuild U ] app-misc/pax-utils-0.1.15 [0.1.11-r1] -caps 0 kB [ebuild

[gentoo-user] Re: qemu-kvm black screen and infinite loop on startup

2011-04-06 Thread Kfir Lavi
shows for all qemu binaries: - PaX flags: -m-x-e-- [/usr/bin/qemu] MPROTECT is disabled RANDEXEC is disabled EMUTRAMP is disabled - PaX flags: -m-x-e-- [/usr/bin/qemu-i386] MPROTECT is disabled RANDEXEC is disabled EMUTRAMP is disabled - PaX flags

Re: [gentoo-user] New Server, considering hardened, need pointers to tfm...

2011-12-10 Thread Pandu Poluan
. When I went hardened, I used PaX and grsec [1] because it offered the security I was looking for but didn't restrict userland usability on a server on which I was the only user. My understanding is that this restriction would be a consequence of using SeLinux. Yeah, I was leaning toward

Re: [gentoo-user] Is there a DEP (Data Execution Protection) option for Gentoo?

2006-03-26 Thread Rumen Yotov
On Mon, 2006-03-27 at 07:50 +0200, Heiko Wundram wrote: Am Montag 27 März 2006 06:29 schrieb Walter Dnes: The subject says it all. I've done some spelunking through /usr/src/linux/.config, and I don't see anything relavant. It's a kernel patch called PAX, and Gentoo offers hardened

Re: [gentoo-user] What's up with the hardened USE flag?

2011-07-04 Thread Daniel Pielmeier
resync, and the same packages want to rebuild again because of the hardened USE flag :-/ Anyone else getting this?  These are big packages needing hours to get built. Everyone will get this. The culprit is a change in the pax-utils.eclass [1]. Which adds USE=hardened to every consumer

Re: [gentoo-user] pam-1.1.4 emerge error on x86

2011-10-16 Thread Jonas de Buhr
Am Sat, 15 Oct 2011 19:50:23 +0100 schrieb Mick michaelkintz...@gmail.com: [snip snip] [snip...] Thank you! :-) you're welcome ;) its really easy to help you because you provide the right information =) To save me asking next time ... how did you know that pax-utils

Re: [gentoo-user] USE=jpeg not part of hardened/linux/x86 profile

2012-06-08 Thread Jorge Martínez López
Hi! 2012/6/8 Bryan Gardiner b...@khumba.net: [...] +1 for using Hardened as a desktop.  Skype should work with PaX now; it used to need an exact paxctl command to get running but its ebuild now sets that. Great to know Skype works now. Back then it did not even install. I am not using Skype

Re: [gentoo-user] hardened-sources...what?

2011-09-22 Thread Mike Edenfield
On 9/22/2011 5:51 PM, Francisco Blas Izquierdo Riera (klondike) wrote: El 22/09/11 22:20, Michael Mol escribió: My question is...what kinds? Well mainly the PaX and the grsecurity patches. I also heard there is a WIP in bringing RSBAC back again too. Does gentoo-sources include

Re: [gentoo-user] pam-1.1.4 emerge error on x86

2011-10-15 Thread Mick
-1.1.4/work/Linux-PAM-1.1.4' /var/tmp/portage/sys-libs/pam-1.1.4/temp/environment: line 2226: scanelf: command not found you could try reinstalling app-misc/pax-utils. this is either a missing dependency or for some reason your pax-utils install is broken

[gentoo-user] Re: Bind9 and Samba4 setup nightmare

2012-03-21 Thread walt
On 03/21/2012 08:15 AM, Datty wrote: I've just run ldd against the library thats trying to load and ive pasted the output below. It seems to require libsamdb-common.so twice but is only able to find it once? lddtree (app-misc/pax-utils) may give you a hint why that's happening.

Re: [gentoo-user] USE=jpeg not part of hardened/linux/x86 profile

2012-06-08 Thread Bryan Gardiner
forget using Skype. PaX will kill multimedia applications such as Totem, use paxctl to solve this. I have some issues with Phython applications such as Gwibber and Hotot, the only way to solve it seems to use paxctl with the python binary, which I am not willing to. Greetings, +1 for using

Re: [gentoo-user] Failed to set XATTR_PAX markings -me

2017-02-03 Thread Alexander Kapshuk
/RPMS/openoffice-base-4.1.2-9782.i586.rpm to >>>> /var/tmp/portage/app-office/openoffice-bin-4.1.2/work >>>> Unpacking ./en-US/RPMS/openoffice-calc-4.1.2-9782.i586.rpm to >>>> /var/tmp/portage/app-office/openoffice-bin-4.1.2/work > > -- > Thelma >

Re: [gentoo-user] wget killed -- wonder where I went wrong...

2011-08-08 Thread Pandu Poluan
that later. ATM, I'm recompiling the kernel, with more built-ins enabled. Amazing! My system locked up *completely* ! Something weird's going on here, folks... I'll try disabling PaX and Grsec next. More information: Ctrl-Alt-Del works (in that init properly tried to stop all services

Re: [gentoo-user] hardened-sources...what?

2011-09-22 Thread Francisco Blas Izquierdo Riera (klondike)
El 22/09/11 22:20, Michael Mol escribió: My question is...what kinds? Well mainly the PaX and the grsecurity patches. I also heard there is a WIP in bringing RSBAC back again too. For what reason is there a set of makes it more secure patches that aren't integrated into the mainline kernel

Re: [gentoo-user] New Server, considering hardened, need pointers to tfm...

2011-12-10 Thread Tanstaafl
difficulty. As far as I know, the correct model to use depends on what you want to do with the server/what security you are looking to implement. When I went hardened, I used PaX and grsec [1] because it offered the security I was looking for but didn't restrict userland usability on a server on which I

Re: [gentoo-user] Can't update pax-utils to 0.5 because of genkernel block.

2013-04-12 Thread Mateusz Kowalczyk
/genkernel http://packages.gentoo.org/package/app-misc/pax-utils Stroller. Ah, I seem to have missed that bug report. Thanks a lot for the links. - -- Mateusz K. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) iQIcBAEBAgAGBQJRaBkTAAoJEM1mucMq2pqXz4IQAKwamCRtPZ76g+CdttDckuVI

Re: [gentoo-user] Hardened Kernel (PaX): How to allow Text Relocations for *ONE* executable, while disallowing it for *EVERY* *OTHER* executable?

2006-04-16 Thread Alexander Skwar
: not randomized * Segmentation based PAGE_EXEC : disabled I now used paxctl, like you suggested in 2.. I ran: paxctl -m /usr/NX/bin/nxagent And see: [EMAIL PROTECTED] /usr/src $ sudo paxctl -v /usr/NX/bin/nxagent PaX control v0.4 Copyright 2004,2005 PaX Team [EMAIL PROTECTED] - PaX

Re: [gentoo-user] Hardened Kernel (PaX): How to allow Text Relocations for *ONE* executable, while disallowing it for *EVERY* *OTHER* executable?

2006-04-16 Thread Rumen Yotov
paxctl -v /usr/NX/bin/nxagent PaX control v0.4 Copyright 2004,2005 PaX Team [EMAIL PROTECTED] - PaX flags: -m-x-e-- [/usr/NX/bin/nxagent] MPROTECT is disabled RANDEXEC is disabled EMUTRAMP is disabled Now I am able to run NX. But none the less, I would still like

Re: [gentoo-user] Hardened Kernel (PaX): How to allow Text Relocations for *ONE* executable, while disallowing it for *EVERY* *OTHER* executable?

2006-04-16 Thread Alexander Skwar
Rumen Yotov wrote: Because chpax uses the old ELF-header markings and paxctl uses the new ones (binaries compiled with PIC PIE, binutils 2.16.X). So you use chpax or paxctl depending on the binary. Alright. That's an explanation I can live with. Is there a way to find out beforehand if chpax

Re: [gentoo-user] Opinions on -fstack-protector

2009-08-23 Thread Mike Kazantsev
be missing a point, but if you want really secure kernel, why'd you use 2.6.30+ instead of hardened-sources something like PaX and grsecurity? -- Mike Kazantsev // fraggod.net signature.asc Description: PGP signature

Re: [gentoo-user] Failed to set XATTR_PAX markings

2015-09-07 Thread netfab
Le 31/08/15 à 10:36, the...@sys-concept.com a tapoté : > While compiling/updating the system I get a few packages with > messages: > > LOG: install > Failed to set XATTR_PAX markings I'm also getting this kind of messages since some time on a desktop system with many packages. A

Re: [gentoo-user] Hardened Kernel (PaX): How to allow Text Relocations for *ONE* executable, while disallowing it for *EVERY* *OTHER* executable?

2006-04-16 Thread Willie Wong
to disable this error and allow my program to be run. How do I do that? The FAQ states, that there's a PaX feature called MPROTECT which is to be used and that MPROTECT must be disallowed on the executable which fails to get executed. How do I do that? I thought that I could do

Re: [gentoo-user] pam-1.1.4 emerge error on x86

2011-10-15 Thread Mick
/Linux-PAM-1.1.4' /var/tmp/portage/sys-libs/pam-1.1.4/temp/environment: line 2226: scanelf: command not found you could try reinstalling app-misc/pax-utils. this is either a missing dependency or for some reason your pax-utils install is broken. Thank you! I've remerged pax-utils

Re: [gentoo-user] New Server, considering hardened, need pointers to tfm...

2011-12-10 Thread Matthew Finkel
about it (the fix was simple, and the devs swiftly fixed the lack of post-install docs). Does anyone know of a good How-To that covers *all* of the bases? Ie, which model is best - grsecurity, PAX, SeLinux - and how best to implement it? Thanks... You may be able to get a better response

Re: [gentoo-user] Switching to a hardened profile and back again

2011-03-16 Thread Mike Edenfield
the biggest possible source of problems: if you have a PAX-enabled kernel then all of your binaries need to be built by the hardened tool chain, or there is a decent chance they'll fail. Definitely follow the FAQ for the details, but the basic process should be: * switch profiles - hardened * emerge gcc

Re: [gentoo-user] Any ideas on this compile failure?

2009-01-25 Thread Daniel Troeder
(shell script?) got killed? Are you maybe running hardend? I had that kind of problem often, when a binary tries to do something forbidden (by PaX). In that case I found something in the kernel log (dmesg, /var/log/kern.log). My only idea, cause I don't know icedtea6 :) Bye, Daniel -- PGP key @ http

Re: [gentoo-user] Any ideas on this compile failure?

2009-01-25 Thread Grant
? I had that kind of problem often, when a binary tries to do something forbidden (by PaX). In that case I found something in the kernel log (dmesg, /var/log/kern.log). My only idea, cause I don't know icedtea6 :) Bye, Daniel Thanks Daniel, I am running hardened so you're probably right. I

[gentoo-user] Re: {OT} wine won't work

2008-11-18 Thread Grant
of the hardened stuff in my kernel. Most likely pax. - Grant

[gentoo-user] why does portage depend on the kernel?

2006-04-28 Thread Chris Bare
-2.3.6-r3 [2.3.5-r3] [ebuild NS ] sys-kernel/gentoo-sources-2.6.16-r3 [ebuild U ] app-misc/pax-utils-0.1.11-r1 [0.1.10] [ebuild U ] sys-apps/portage-2.0.54-r1 [2.0.54] -- Chris Bare [EMAIL PROTECTED] -- gentoo-user@gentoo.org mailing

[gentoo-user] Apache2 generating secret takes a long time

2006-06-16 Thread Grant
this might have changed? I update all packages on my system daily so there may have been a package change that did it. Here are all packages listed in /var/log/portage this month: mysql cscope vixie-cron jpeg pax-utils postfix ssmtp gmp pycrypto portage gentoolkit ncurses Any ideas? - Grant

Re: [gentoo-user] Re: {OT} wvdial fails with Zain Tanzanian network

2009-07-04 Thread Grant
and most ports don't work. The Zain SIM works great now. Incidentally, I got antlr to emerge by temporarily enabling softmode on my PAX-enabled kernel. - Grant

Re: [gentoo-user] Opinions on -fstack-protector

2009-08-23 Thread Florian Philipp
noticeable? I might be missing a point, but if you want really secure kernel, why'd you use 2.6.30+ instead of hardened-sources something like PaX and grsecurity? In this particular case, the system is a vserver client. The kernel is out of my reach. I only have control about userspace

Re: [gentoo-user] What's up with the hardened USE flag?

2011-07-04 Thread Andrea Conti
Hello, Everyone will get this. The culprit is a change in the pax-utils.eclass [1]. Which adds USE=hardened to every consumer of the eclass. That's IUSE, not USE. USE flags are not touched (at least on non-hardened systems), so the change is only picked up by emerge if you use the --new-use

Re: [gentoo-user] wget killed -- wonder where I went wrong...

2011-08-08 Thread Pandu Poluan
enabled. Amazing! My system locked up *completely* ! Something weird's going on here, folks... I'll try disabling PaX and Grsec next. More information: Ctrl-Alt-Del works (in that init properly tried to stop all services), but there are *lots* of services got blocked by net.eth1, net.lo

Re: [gentoo-user] hardened-sources...what?

2011-09-22 Thread Francisco Blas Izquierdo Riera (klondike)
El 23/09/11 01:02, Mike Edenfield escribió: On 9/22/2011 5:51 PM, Francisco Blas Izquierdo Riera (klondike) wrote: El 22/09/11 22:20, Michael Mol escribió: My question is...what kinds? Well mainly the PaX and the grsecurity patches. I also heard there is a WIP in bringing RSBAC back again

[gentoo-user] XEmacs build hangs loading update-elc.el

2011-10-21 Thread Mike Edenfield
times.) I thought it might be related to having PaX in my kernel, but when I switched softmode on, the build actually segfaults almost immedately! Is it supposed to be taking this long for this step, and if not, what can I do to see why it's locked up? The last thing on my screen

[gentoo-user] Re: XEmacs build hangs loading update-elc.el

2011-10-22 Thread Hans de Graaff
to build xemacs (I've re-synched and restarted the build multiple times.) I thought it might be related to having PaX in my kernel, but when I switched softmode on, the build actually segfaults almost immedately! https://bugs.gentoo.org/show_bug.cgi?id=75028 Hans

[gentoo-user] New Server, considering hardened, need pointers to tfm...

2011-12-10 Thread Tanstaafl
-install docs). Does anyone know of a good How-To that covers *all* of the bases? Ie, which model is best - grsecurity, PAX, SeLinux - and how best to implement it? Thanks...

Re: [gentoo-user] Re: Bind9 and Samba4 setup nightmare

2012-03-22 Thread Datty
/pax-utils) may give you a hint why that's happening. Hi, Thanks for the pointer, I haven't used that tool before. I've ended up getting it working by bumping up to bind 9.9.0 which seems about as stable as a 1 legged chair. Now to work out why it crashes every time samba tries to do a dynamic

[gentoo-user] Re: qbittorrent and icui18n lib

2012-04-28 Thread walt
also needs rebuilding. One of my favorite tools is lddtree (app-misc/pax-utils) which will make it obvious which other library is at fault.

Re: [gentoo-user] USE=jpeg not part of hardened/linux/x86 profile

2012-06-08 Thread Jorge Martínez López
Hi there! I run Hardened in my desktop and it mostly works. When I switched profiles I looked at which use flags changed using emerge -pudvN world and then I enabled them manually using ufed. With Hardened forget using Skype. PaX will kill multimedia applications such as Totem, use paxctl

Re: [gentoo-user] How to force regeneration of eclasses

2017-02-03 Thread Helmut Jarausch
mmand is part of app-misc/pax-utils. It had version 1.2.1 installed which isn't in the tree any more - probably because of good reasons. Having installed the current version 1.2.2 fixed the problem mentioned above.

Re: [gentoo-user] Choosing between system profiles: hardened and desktop for desktop installation.

2017-07-04 Thread Toralf Förster
anilla kernel - b/c the hardened PAX kernel (GRsecurity) isn't any longer freely available and the vanilla is nowadays at 4.12. Works fine so far. -- Toralf PGP 23217DA7 9B888F45 signature.asc Description: OpenPGP digital signature

[gentoo-user] Re: python-updater broken

2008-10-23 Thread James
of time with no problems. The HD is less than 13% full - Has something happened to your scanelf? emerge -1 pax-utils I did the 'emerge -1 pax-utils' and when I launch python-updater scanelf runs fine as I watch it via top. When python-updater actually starts up, that's when the load goes

Re: [gentoo-user] *** glibc detected *** malloc(): memory corruption (fast): 0x081fb2c1 ***

2005-11-18 Thread Michael Sullivan
. Is this a problem with my program or with my system. Is there a way to fix it? Can anyone at least explain to me what it means? Are you running a grsecurity and or pax kernel? I get this kind of crap left and right with it... Sometimes. Very unpredictable. Very annoying. I don't

Re: [gentoo-user] *** glibc detected *** malloc(): memory corruption (fast): 0x081fb2c1 ***

2005-11-19 Thread fire-eyes
. Is this a problem with my program or with my system. Is there a way to fix it? Can anyone at least explain to me what it means? Are you running a grsecurity and or pax kernel? I get this kind of crap left and right with it... Sometimes. Very unpredictable. Very annoying. I don't know

[gentoo-user] Hardened Kernel (PaX): How to allow Text Relocations for *ONE* executable, while disallowing it for *EVERY* *OTHER* executable?

2006-04-16 Thread Alexander Skwar
, while keeping it disallowed for every other executable (the ones which already exist and the ones, which are to come in the future)? I now would like to disable this error and allow my program to be run. How do I do that? The FAQ states, that there's a PaX feature called MPROTECT which

Re: [gentoo-user] Hardened Kernel (PaX): How to allow Text Relocations for *ONE* executable, while disallowing it for *EVERY* *OTHER* executable?

2006-04-16 Thread Rumen Yotov
2.6.9, stripped Second (better) option: $ qlist pax-utils /usr/bin/pspax /usr/bin/scanelf /usr/bin/dumpelf /usr/share/man/man1/scanelf.1.gz /usr/share/man/man1/dumpelf.1.gz /usr/share/man/man1/pspax.1.gz HTH.Rumen -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2-ecc0.1.6 (GNU/Linux) Comment: Using

Re: [gentoo-user] kernel 4.9.0 + nvidia problem

2016-12-27 Thread lee
ibility + + driver : Install the kernel driver module + + gtk3: Install nvidia-settings with support for GTK+ 3 + + kms : Enable support for kernel mode setting (KMS) - - pax_kernel : PaX patches from the PaX project - - static-libs : Build static versions of dynamic librari

Re: [gentoo-user] Failed to set XATTR_PAX markings -me

2017-02-03 Thread thelma
On 02/03/2017 10:31 AM, Alexander Kapshuk wrote: > On Fri, Feb 3, 2017 at 7:18 PM, <the...@sys-concept.com> wrote: >> >> [snip] >>>> >>> >>> The openoffice-bin ebuild makes use of the pax-utils package. Do you >>> have it installed? &

Re: [gentoo-user] pam-1.1.4 emerge error on x86

2011-10-15 Thread Jonas de Buhr
-PAM-1.1.4' make[1]: Leaving directory `/var/tmp/portage/sys-libs/pam-1.1.4/work/Linux-PAM-1.1.4' /var/tmp/portage/sys-libs/pam-1.1.4/temp/environment: line 2226: scanelf: command not found you could try reinstalling app-misc/pax-utils. this is either a missing dependency

Re: [gentoo-user] pam-1.1.4 emerge error on x86

2011-10-15 Thread Mick
reinstalling app-misc/pax-utils. this is either a missing dependency or for some reason your pax-utils install is broken. Thank you! I've remerged pax-utils. This is an old laptop and both the main battery and CMOS battery have run out of juice. I noticed that the clock was out by more

Re: [gentoo-user] pam-1.1.4 emerge error on x86

2011-10-15 Thread Jonas de Buhr
/temp/environment: line 2226: scanelf: command not found you could try reinstalling app-misc/pax-utils. this is either a missing dependency or for some reason your pax-utils install is broken. Thank you! I've remerged pax-utils. This is an old laptop and both

Re: [gentoo-user] Switching to hardened

2008-01-30 Thread Alex Schuster
thought I'd start with the preparations. Configuring things like Pax would come later, when emerge -e world has finished on this slow machine (and when I have read all the howtos). Wonko -- gentoo-user@lists.gentoo.org mailing list

Re: [gentoo-user] gentoo as a baseline to build a secure server OS ...

2007-11-16 Thread Mark Shields
. ~ Could you give me some directions about how to achieve this? ~ Thank you lbrtchx -- [EMAIL PROTECTED] mailing list I've never built a cd with gentoo-catalyst, but I have setup Gentoo with the hardened kernel, in addition to pax/gresecurity. Judging by the gentoo-wiki guide on catalyst [1

[gentoo-user] how to recover a portage that wasn't in use for very long time

2009-05-09 Thread Alexey Luchko
-misc/pax-utils-0.1.19 [0.1.15] [blocks B ] sys-apps/portage-2.1.5 (is blocking app-shells/ bash-3.2_p39) colinux ~ # How to get it out? Regards, Alexey.

Re: [gentoo-user] python-updater broken

2008-10-22 Thread Arttu V.
or filesystems have some problems or bit-rot after having possibly been powered on 24/7 for a long time? Has there been power outages? Voluntary fsck time! - Has something happened to your scanelf? emerge -1 pax-utils might fix some issues - I'd guess eselect python complaining like above is probably

Re: [gentoo-user] Re: {OT} wine won't work

2008-11-21 Thread Andrey Vul
)! err:module:attach_process_dlls KERNEL32.dll failed to initialize, aborting err:module:LdrInitializeThunk Main exe initialization for LC:\\windows\\system32\\winecfg.exe failed, status c005 c005 is Windows' way of saying SIGSEGV. PaX might be to blame. I remember that with grsec enabled, wine couldn't

Re: [gentoo-user] *** glibc detected *** malloc(): memory corruption (fast): 0x081fb2c1 ***

2005-11-18 Thread fire-eyes
. Is there a way to fix it? Can anyone at least explain to me what it means? Are you running a grsecurity and or pax kernel? I get this kind of crap left and right with it... Sometimes. Very unpredictable. Very annoying. -- gentoo-user@gentoo.org mailing list

Re: [gentoo-user] why does portage depend on the kernel?

2006-04-28 Thread Willie Wong
U ] sys-libs/glibc-2.3.6-r3 [2.3.5-r3] [ebuild NS ] sys-kernel/gentoo-sources-2.6.16-r3 [ebuild U ] app-misc/pax-utils-0.1.11-r1 [0.1.10] [ebuild U ] sys-apps/portage-2.0.54-r1 [2.0.54] because you are using --deep if you want

Re: [gentoo-user] why does portage depend on the kernel?

2006-04-28 Thread Chris White
). [ebuild U ] app-misc/pax-utils-0.1.11-r1 [0.1.10] [ebuild U ] sys-apps/portage-2.0.54-r1 [2.0.54] to get just this: `emerge -u portage` is all you need. -- Chris Bare [EMAIL PROTECTED] -- Chris White Gentoo Developer aka: ChrisWhite cpw ChrisWhite|Work

Re: [gentoo-user] Mozilla won't start after upgrading to 1.7.13

2006-05-26 Thread Roman Zilka
I look for in gdb? The binary is stripped, shall I rebuild? Check PaX flags on mozilla binary (chpax (deprecated) paxctl). Check/alter any grsec settings, through /proc (if enabled). Just finished testing: this didn't help either. I even experimented with the 2.6.14.7 and 2.6.16.18 vanillas

Re: [gentoo-user] Re: {OT} wvdial fails with Zain Tanzanian network

2009-07-04 Thread Mark Shields
recommend the Serena Lodge wireless internet connections in Tanzania. Very expensive and most ports don't work. The Zain SIM works great now. Incidentally, I got antlr to emerge by temporarily enabling softmode on my PAX-enabled kernel. - Grant You're running a PAX'd kernel on a laptop

Re: [gentoo-user] Re: {OT} wvdial fails with Zain Tanzanian network

2009-07-04 Thread Grant
.  Very expensive and most ports don't work.  The Zain SIM works great now. Incidentally, I got antlr to emerge by temporarily enabling softmode on my PAX-enabled kernel. - Grant You're running a PAX'd kernel on a laptop workstation?  Really? Yeah, no good? I asked on the gentoo-hardened list

Re: [gentoo-user] Kernel upgrading and linux symlink

2009-10-31 Thread Mike Edenfield
types of kernel (one without PaX, one without SELinux, whatever) and a new version comes out, I can copy its config from /boot to .config and run make oldconfig. The System.map file is probably the least useful of the three for the average user. It's main use is for address resolution in oops

Re: [gentoo-user] What's up with the hardened USE flag?

2011-07-04 Thread Daniel Pielmeier
2011/7/4 Andrea Conti a...@alyf.net: Hello, Everyone will get this. The culprit is a change in the pax-utils.eclass [1]. Which adds USE=hardened to every consumer of the eclass. That's IUSE, not USE. USE flags are not touched (at least on non-hardened systems), so the change is only picked

Re: [gentoo-user] wget killed -- wonder where I went wrong...

2011-08-08 Thread Pandu Poluan
debugging symbols attached, and maybe you can debug to see where it is failing. I'll try that later. ATM, I'm recompiling the kernel, with more built-ins enabled. If that doesn't work, I'll try turning off PaX Grsecurity. If that *still* doesn't work, I'll try compiling an earlier (2.6.39

Re: [gentoo-user] wget killed -- wonder where I went wrong...

2011-08-08 Thread Pandu Poluan
weird's going on here, folks... I'll try disabling PaX and Grsec next. Rgds, -- Pandu E Poluan ~ IT Optimizer ~  • Blog : http://pepoluan.tumblr.com  • Linked-In : http://id.linkedin.com/in/pepoluan

Re: [gentoo-user] Is grub2 stable and who uses it?

2011-10-07 Thread Alan McKinnon
these dimensions from string theorie must be good for something ;-) Just think of the consequences if c is not the ultimate speed limit. I am, and they're so numerous that I can't even contemplate them all. Permit me to direct you to the pearl of wisdom about that in the movie K-Pax -- Alan McKinnnon

Re: [gentoo-user] can one tell me: gentoo vs opensuse

2011-12-10 Thread Pandu Poluan
that the vuln they're targeting is located at the right spot, *if* the vuln exists at all. Throw in hardened patches like GrSecurity, PAX, and SELinux... well, you get the idea.) ((No wonder NASDAQ uses Gentoo for its infrastructure)) Rgds,

Re: [gentoo-user] can one tell me: gentoo vs opensuse

2011-12-10 Thread LinuxIsOne
is located at the right spot, *if* the vuln exists at all. Throw in hardened patches like GrSecurity, PAX, and SELinux... well, you get the idea.) Oh I see. Thanks for clarification Pandu. ((No wonder NASDAQ uses Gentoo for its infrastructure)) Great to hear.

Re: [gentoo-user] Re: qbittorrent and icui18n lib

2012-04-28 Thread Markos Chandras
, then some other library that qbittorrent uses also needs rebuilding. One of my favorite tools is lddtree (app-misc/pax-utils) which will make it obvious which other library is at fault. You should rebuild qt-core because this is the package that uses dlopen() to load libicu. This should fix

[gentoo-user] Re: Revdep-rebuild: ams won't start due to shared library libclalsadrv.so.1

2012-11-06 Thread walt
that is still linked to the missing one, i.e. ams has an indirect dependency through an old library that needs to be rebuilt --but-- for some reason revdep is not finding it. (Don't ask me why ;) I highly recommend the lddtree utility for tracking down indirect dependency like that. It is part of app-misc/pax

Re: [gentoo-user] Converting to Hardened/Selinux

2014-01-19 Thread Michael Orlitzky
versions so all of the software should be built for both already. After the guides steps are completed, should I run a emerge --update --newuse --deep @system @world You will want the PaX markings, so yes. To save yourself some future pain I would start out with the xattr-based markings: https

Re: [gentoo-user] Anyone running a hardened profile?

2015-09-06 Thread Hinnerk van Bruinehsen
Hello walt, I've running hardened (hardened profile + kernel (including pax and grsec)) for at least 5 years on all my boxes except one (my gaming only box). It's been quite a while that I had an issue caused by the hardened profile that wasn't due to my fiddeling around with stuff like SELinux

Re: [gentoo-user] Anyone running a hardened profile?

2015-09-07 Thread Michael Orlitzky
t go away. The full SSP is considered safe though, and only slows things down a bit. For PaX, the markings may exist on your filesystem, but if you switch to a non-hardened kernel they cease to have any effect. Grsec just goes away.

Re: [gentoo-user] Choosing between system profiles: hardened and desktop for desktop installation.

2017-07-04 Thread james
n hardening can continue on its own. The hardened kernel, however, provided PaX protection for executables and this will be lost. We did a lot of work to properly maintain PaX markings in our package management system and there was no part of Gentoo that wasn't touched by issues stemming from PaX sup

Re: [gentoo-user] *** glibc detected *** malloc(): memory corruption (fast): 0x081fb2c1 *** [SOLVED]

2005-11-19 Thread Michael Sullivan
Being fairly inexperienced with C++ I have no idea what this means. Is this a problem with my program or with my system. Is there a way to fix it? Can anyone at least explain to me what it means? Are you running a grsecurity and or pax kernel? I get this kind of crap left and right

[gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread James
and universal InstallCDs seen in previous releases: a new x86 LiveCD from the Hardened project And the corresponding CD: http://open-systems.ufl.edu/mirrors/gentoo/experimental/x86/hardened/livecd Have some experience with Grsec2+PaX and RSBAC (SElinux brother ;) IMHO they are significantly better than

Re: [gentoo-user] Problem compiling dev-lang/v8

2013-04-05 Thread Mike Gilbert
with --end-group): * XT PaX marking -me with setfattr * out/x64.release/cctest * out/x64.release/d8 * out/x64.release/shell setfattr: out/x64.release/cctest: Operation not supported setfattr: out/x64.release/d8: Operation not supported setfattr: out/x64.release/shell: Operation not supported

Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)

2006-02-17 Thread Rumen Yotov
). Now back to 'hardened' 2.grsec generally said is using three main lines of additional defense: 2.1. PAX - protects memory space from various attacks + makes data pages no-executable; Complemented by GCC with SSP,PIC,PIE code generation. 2.2. grsecurity kernel patch (which integrates PAX patch from

Re: [gentoo-user] Re: iptables example on Gentoo

2005-09-07 Thread Rumen Yotov
install. Haven't seen such claim for Gentoo (plain). Maybe the linux security models are not up to the task? SElinux etc? Have some experience with Grsec2+PaX and RSBAC (SElinux brother ;) IMHO they are significantly better than OpenBSD in overall security. The new/next version of OpenBSD

Re: [gentoo-user] Choosing between system profiles: hardened and desktop for desktop installation.

2017-07-04 Thread R0b0t1
e of >> use by having to manage pax and if you choose an RBAC system like SElinux >> or grsecuritys adds more burden. >> >> Security isn't a product, so I would recommend sticking with regular >> profile with stable packages, and be mindful of what you have opened

Re: [gentoo-user] Switching to hardened

2008-02-01 Thread Dan Farrell
some 100 km from it. I must admit that I should know more about the hardened stuff, but I thought I'd start with the preparations. Configuring things like Pax would come later, when emerge -e world has finished on this slow machine (and when I have read all the howtos). Wonko You

[gentoo-user] Kernel Panic Troubleshooting when machine is not avaiable directly

2008-04-16 Thread Hieu, Luu Danh
to recompile kernel and tried to fix around stuffs + remove the things I didn't need hoping it'd be the panic cause) grsec is enabled and logs most things, with most security enabled (minus the parts for TCP connections) PaX is also enabled - Hieu Luu Danh

Re: [gentoo-user] DVD and large files

2008-07-06 Thread Joerg Schilling
file inside. The historic tar archive format supports single files up to 8 GB in tar archives. Since POSIX.1-2001, the extended tar archive format (called pax) has no size limitations. Linux typically does not come with tar but with a tar clone called GNU tar that by default does not write

Re: [gentoo-user] DVD and large files

2008-07-06 Thread Dale
but not a tar archive with a 21 GB file inside. The historic tar archive format supports single files up to 8 GB in tar archives. Since POSIX.1-2001, the extended tar archive format (called pax) has no size limitations. Linux typically does not come with tar but with a tar clone called GNU tar

  1   2   3   >