View previous topic :: View next topic |
Author |
Message |
eminenz Tux's lil' helper
Joined: 16 Jul 2006 Posts: 95
|
Posted: Fri May 10, 2013 2:48 pm Post subject: [SOLVED]opera: "Failed to set up core", segfaults |
|
|
Hi!
I recently switched to the hardened gentoo kernel 3.7.5 and profile and successfully rebuilt the system ebuild class.
I have configured " in /etc/make.conf, and have an XATTR supporting FS and kernel.
In this configuration, I am unable to start opera at all. Starting yields
Quote: | ~ $ opera
opera: Failed to set up core. |
And many other program segfault.
I tried setting more "disable ....." pax-flags for the binaries using paxctl, even tried them all after it didn't help to just disable Mprotect and RandMMap.
Many other programs crash, too, giving away segfaults messages.
The behaviour is the same when I boot in softmode (pax_softmode=1), I have the impression it is ignored just as the pax xattr markings, although the kernel supports it.
I noticed that in the postinst phase of the emerge the following error comes up:
Code: | LOG: install
Failed to set XATTR_PAX markings -m for:
/var/tmp/portage/www-client/opera-12.15_p1748/image///usr/lib/opera/liboperagtk3.so
|
However I'm able to manually set them. Well, it didn't help.
Something similar happens for Libreoffice; that's working nice, though.
Quote: | Failed to set XATTR_PAX markings -m for:
/usr/lib/libreoffice/program/soffice.bin
Failed to set XATTR_PAX markings -m for:
/usr/lib/libreoffice/program/unopkg.bin
|
I also have trouble to debug the segfaults, as gdb doesn't work either, regradless of softmode, the flags of any binary or the flags of the gdb executable itself. I adhered to the hardened debugging guide, but it doesn't work for me.
I somehow have the impression pax doesn't "read" the xattr flags or accept softmode being enabled.
Can anybody give me a hint where the problem is?
Most other browsers segfault, too, it's not fun to browse and write on a mobile phone
Thanks!
Last edited by eminenz on Sun May 12, 2013 8:25 pm; edited 1 time in total |
|
Back to top |
|
|
eminenz Tux's lil' helper
Joined: 16 Jul 2006 Posts: 95
|
Posted: Fri May 10, 2013 6:15 pm Post subject: |
|
|
ok, I realized:
PAX-Flags are not written to the disk at all.
Code: | eminenz # paxctl-ng -rm /usr/bin/opera
eminenz # paxctl-ng -v /usr/bin/opera
/usr/bin/opera:
XATTR_PAX: not found |
Any help, why xattr maybe could not be stored to disk?
The kernel supports ext-filesystems with xattr.
setfattr is accessible |
|
Back to top |
|
|
eminenz Tux's lil' helper
Joined: 16 Jul 2006 Posts: 95
|
Posted: Sun May 12, 2013 8:22 pm Post subject: |
|
|
got it.
pax does not use trusted or security extended attribute namespace, it uses USER namespace.
Access to the former one has to be explicitly enabled during filesystem mount via the user_xattr option.
I didn't expect that. Setting that option solved it at once.
Code: | grep -e user_xattr /etc/fstab
/dev/sda1 / ext2 defaults,relatime,nodiratime,user_xattr 0 1
|
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|