Gentoo Forums
genkernel mknod issues

hex45
n00b
Joined: 29 Jan 2018
Posts: 3

Posted: Mon Jan 29, 2018 5:54 am    Post subject: genkernel mknod issues

I am attempting to install Gentoo base booting from the Pentoo live USB. I mount things for chroot and everything goes well until I try to use genkernel-next to create initramfs. Looking at the source I have determined that the "mknod -m etc" commands are not allowed to run.

I went back to the live environment and did a "mknod -m 660 console c 5 1" in /home/pentoo directory and it worked. Why is the mknod being denied when I chroot?

Thanks

Hu
Moderator
Joined: 06 Mar 2007
Posts: 12366

Posted: Tue Jan 30, 2018 4:27 am

According to Wikipedia, Pentoo uses a grsecurity-patched kernel. Grsecurity-patched kernels are known to restrict mknod in chroot, in the name of "security." I believe there is a sysctl you can change to permit this. However, you should not need to make your own device nodes at all. What exactly failed, and why were you trying to do it?

hex45
n00b
Joined: 29 Jan 2018
Posts: 3

Posted: Wed Jan 31, 2018 1:26 am

Just trying to follow the steps for an install. When I run "genkernel all --menuconfig" it does fine until it gets to the initramfs script. Looking at the script source I see that it creates a temporary directory and a bunch of /dev nodes as it generates the initramfs archive.

Hu
Moderator
Joined: 06 Mar 2007
Posts: 12366

Posted: Wed Jan 31, 2018 3:37 am

That is not a good way to generate the initramfs, since, as you discovered, it is needlessly fragile. It should have been done using an initramfs manifest.

Since the failure is in a script you cannot readily modify, the simplest course of action would be to permit creating device nodes. You could change the grsecurity-specific sysctl that controls this or you could use a kernel without the grsecurity patches. I do not know the name of the sysctl that controls this in grsecurity. You could also choose to create the initramfs outside of genkernel, but if you are new to this, that's considerably more work for very little real gain.
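
An added illustration of the manifest approach mentioned in the post above (not code from the thread, from genkernel or from the kernel tree): a manifest in the kernel's gen_init_cpio syntax describes device nodes as text, and the archive writer stores them as cpio "newc" header fields, so no mknod call is made and a chroot mknod restriction never comes into play. The sample manifest and all function names are constructed for this example.

```python
import stat

# Constructed sample manifest in gen_init_cpio syntax (assumed entry forms):
#   dir <name> <mode> <uid> <gid>
#   nod <name> <mode> <uid> <gid> <c|b> <major> <minor>
MANIFEST = """\
dir /dev 0755 0 0
nod /dev/console 0660 0 0 c 5 1
nod /dev/null 0666 0 0 c 1 3
"""

def record(name, mode, uid=0, gid=0, nlink=1, rmaj=0, rmin=0, ino=0):
    """One data-less 'newc' record: 6-byte magic, 13 hex fields, NUL-terminated name."""
    raw = name.encode() + b"\0"
    fields = (ino, mode, uid, gid, nlink, 0, 0, 0, 0, rmaj, rmin, len(raw), 0)
    rec = b"070701" + b"".join(b"%08X" % f for f in fields) + raw
    return rec + b"\0" * (-len(rec) % 4)          # pad header+name to 4 bytes

def build(manifest):
    """Turn manifest text into a cpio archive without creating any device node."""
    out = b""
    for ino, line in enumerate(manifest.splitlines(), start=1):
        p = line.split("#", 1)[0].split()          # drop comments and blank lines
        if not p:
            continue
        name, perm, uid, gid = p[1].lstrip("/"), int(p[2], 8), int(p[3]), int(p[4])
        if p[0] == "dir":
            out += record(name, stat.S_IFDIR | perm, uid, gid, nlink=2, ino=ino)
        elif p[0] == "nod":
            kind = stat.S_IFCHR if p[5] == "c" else stat.S_IFBLK
            out += record(name, kind | perm, uid, gid, rmaj=int(p[6]), rmin=int(p[7]), ino=ino)
        else:
            raise ValueError("unsupported manifest entry: " + p[0])
    out += record("TRAILER!!!", 0)                 # end-of-archive marker
    return out + b"\0" * (-len(out) % 512)         # pad archive to 512 bytes

def entries(archive):
    """Parse the archive back into (name, mode, rdev_major, rdev_minor) tuples."""
    pos, found = 0, []
    while archive[pos:pos + 6] == b"070701":
        f = [int(archive[pos + 6 + 8 * i:pos + 14 + 8 * i], 16) for i in range(13)]
        name = archive[pos + 110:pos + 110 + f[11] - 1].decode()
        if name == "TRAILER!!!":
            break
        found.append((name, f[1], f[9], f[10]))
        pos += (110 + f[11] + 3) // 4 * 4 + (f[6] + 3) // 4 * 4
    return found

if __name__ == "__main__":
    print(entries(build(MANIFEST)))
```
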

hex45
n00b
Joined: 29 Jan 2018
Posts: 3

Posted: Sun Feb 04, 2018 10:40 pm

Is it the kernel provided by the Pentoo live disc that is limiting my ability to mknod? If that is the case then why does it allow me to mknod when I am not in the chroot environment?

I am considering an alternate method of installation now by the way.

Thanks for the help.

Hu
Moderator
Joined: 06 Mar 2007
Posts: 12366

Posted: Mon Feb 05, 2018 1:12 am

Yes, it is the grsecurity-patched kernel provided by Pentoo that limits you. The relevant code only limits processes that are in a chroot, on the theory that processes in a chroot are less trusted and therefore cannot be permitted to use mknod, which can be a very powerful system call.