View previous topic :: View next topic |
Author |
Message |
aka.doode n00b
Joined: 16 May 2005 Posts: 45 Location: Sweden
|
Posted: Mon Jun 20, 2005 1:42 am Post subject: Can't recompile GCC with PaX hardened system [SOLVED] |
|
|
What I did:
1. Followed the instructions for enabling PaX in the kernel, emerged latest hardened-sources, added correct options and compiled the kernel (rebooted and loaded new kernel), added "-fstack-protector-all" to CFLAGS section in make.conf and "hardened pic" to the USE section.
2. I then tried to do a "emerge binutils gcc virtual/libc" to get a hardened toolchain. That didn't go that well..
What happens:
Code: | checking for C compiler default output file name... a.out
checking whether the C compiler works... configure: error: cannot run C compiled programs.
If you meant to cross compile, use '--host'.
See 'config.log' for more details.
make[1]: *** [configure-target-libstdc++-v3] Error 1
make[1]: Leaving directory '/var/tmp/portage/gcc-3.4.3-r1/work/build'
make: *** [profiledbootstrap] Error 2
!!! ERROR: sys-devel/gcc-3.4.3-r1 failed
!!! Function gcc_do_make, line1212, Exitcode 2
!!! emake failed with profiledbootstrap |
Additional information:
it seems lib32 is the culprit. This is what I found in /var/tmp/portage/gcc-3.4.3-r1/work/build/x86_64-pc-linux-gnu/32/libstdc++-v3/config.log:
Code: | configure:2447: checking whether the C compiler works
configure:2453: ./a.out
./a.out: error while loading shared libraries: /lib32/libc.so.6: cannot apply additional memory protection after relocation: Permission denied |
Things I've tried (which did not work)
* Removed "-fstack-protector-all" from the CFLAGS section in make.conf
* Changed GCC profile from "x86_64-pc-linux-gnu-3.4.3" to "x86_64-pc-linux-gnu-3.4.3-hardened", using gcc-config and then ran source /etc/profile and env-update.
* Changed the symlink /etc/make.profile to point to /usr/portage/profiles/hardened/amd64
* USE="multilib" FEATURES="-sandbox" emerge gcc
Does anyone have any ideas what might fix this? I would greatly appreciate it, as my system is pretty broken right now (links works though, wee!)
Last edited by aka.doode on Tue Jun 28, 2005 1:50 pm; edited 1 time in total |
|
Back to top |
|
|
aka.doode n00b
Joined: 16 May 2005 Posts: 45 Location: Sweden
|
Posted: Tue Jun 21, 2005 1:04 am Post subject: |
|
|
After having researched the issue even more (and not come up with anything remotely helpful) I tried emerging glibc first (worked) and then gcc. Although it still won't compile (neither with basic, nor hardened specs set with gcc-config), the error message is not the same as previously. I do think I've screwed up my system even more now though...
Bumpish: Does someone have any suggestions at all what causes the problems described in my original post, or is the only remaining thing to do to wipe the system and reinstall Gentoo? |
|
Back to top |
|
|
aka.doode n00b
Joined: 16 May 2005 Posts: 45 Location: Sweden
|
Posted: Tue Jun 28, 2005 1:49 pm Post subject: |
|
|
I reinstalled and got things to work. After having read about supported profiles I'm guessing things got out of hand because used the hardened/amd64 profile, which isn't listed in the "supported profiles" table. |
|
Back to top |
|
|
makk n00b
Joined: 15 Jul 2005 Posts: 8
|
Posted: Fri Jul 15, 2005 11:43 pm Post subject: |
|
|
some solution |
|
Back to top |
|
|
|