Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
clamav && chpax (hardened profile) error
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Portage & Programming
View previous topic :: View next topic  
Author Message
kao
Tux's lil' helper
Tux's lil' helper


Joined: 25 Dec 2002
Posts: 86

PostPosted: Wed Nov 24, 2010 10:13 am    Post subject: clamav && chpax (hardened profile) error Reply with quote

Hello!
1. update to 0.96.4
----------
2. /etc/init.d/clamd restart
* Stopping clamd ... [ ok ]
* Stopping freshclam ... [ ok ]
* Starting clamd ...
LibClamAV Warning: Bytecode: disabling JIT because PaX is preventing 'mprotect' access.
Run 'paxctl -cm <executable>' [ ok ]
* Starting freshclam ...
---------
3. paxctl -cm clamd

4.
paxctl -v clamd
PaX control v0.5
Copyright 2004,2005,2006,2007 PaX Team <pageexec@freemail.hu>

- PaX flags: -----m-x-e-- [clamd]
MPROTECT is disabled
RANDEXEC is disabled
EMUTRAMP is disabled

--------
5. /etc/init.d/clamd start
* Starting clamd ...
/lib/rcscripts/sh/rc-daemon.sh: line 231: 7172 Segmentation fault /sbin/start-stop-daemon '--start' '--quiet' '--nicelevel' '3' '--exec' '/usr/sbin/clamd'
* Failed to start clamd [ !! ]
* Starting freshclam ...
-----


Why?
Bug?
Thanks!
Back to top
View user's profile Send private message
mimosinnet
Guru
Guru


Joined: 10 Aug 2006
Posts: 512
Location: Barcelona, Spain

PostPosted: Sat Feb 02, 2013 7:21 am    Post subject: Reply with quote

I have come to the same issue after upgrading my box. Have you been able to solve it?

Cheers!
_________________
Please add [solved] to the initial post's subject line if you feel your problem is resolved.
Thank the community answering other people's post, specially those unanswered.
Back to top
View user's profile Send private message
Suicidal
l33t
l33t


Joined: 30 Jul 2003
Posts: 940
Location: /dev/null

PostPosted: Fri Mar 21, 2014 6:03 pm    Post subject: Reply with quote

mimosinnet wrote:
I have come to the same issue after upgrading my box. Have you been able to solve it?
Cheers!


Upgrading to the latest ~arch and running:

Code:
#!/bin/bash

        for bin in $(qlist clamav | grep bin); do
                paxctl-ng -pemrs ${bin}
        done


fixed it on my end. Weird thing is there are no pax warnings in dmesg. I think this is coming from clamav trying to read pax flags from the binaries.
_________________
Who controls the past now, controls the future
Who controls the present now, controls the past.
Back to top
View user's profile Send private message
zorry
Developer
Developer


Joined: 30 Mar 2008
Posts: 363
Location: Umeå The north part of scandinavia

PostPosted: Fri Mar 21, 2014 7:50 pm    Post subject: Reply with quote

The warning you see is that it do a test if it can use Bytecode.
Bytecode use JIT and that will be killed by mprotect.
Clamav will work fine without Bytecode
I would not run anny anitvirus program with mprotector off
_________________
gcc version 4.6.2 (Gentoo Hardened 4.6.2 p1.1, pie-0.5.0)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Portage & Programming All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum