BillWho Veteran
Joined: 03 Mar 2012 Posts: 1600 Location: US
Posted: Wed Mar 20, 2013 4:50 am Post subject: migration from PT_PAX to XATTR_PAX [solved]
As the title indicates, I'm trying to set the XATTR_PAX attributes from PT_PAX following these instructions.
I have the kernel configured correctly; it's using the pax-utils.eclass from http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git and the filesystem is set correctly.
Code:
hardened linux # grep XATTR .config
CONFIG_EXT2_FS_XATTR=y
CONFIG_EXT3_FS_XATTR=y
CONFIG_EXT4_FS_XATTR=y
CONFIG_REISERFS_FS_XATTR=y
CONFIG_TMPFS_XATTR=y
CONFIG_CIFS_XATTR=y
CONFIG_PAX_XATTR_PAX_FLAGS=y
I ran migrate-pax -mv; just using gedit as an example:
Code:
hardened ~ # migrate-pax -v|grep gedit
-e--- /usr/lib/gedit-2/plugins/libdocinfo.so
-e--- /usr/lib/gedit-2/plugins/libsort.so
-e--- /usr/lib/gedit-2/plugins/libchangecase.so
-e--- /usr/lib/gedit-2/plugins/libmodelines.so
-e--- /usr/lib/gedit-2/plugins/libtaglist.so
-e--- /usr/lib/gedit-2/plugins/libtime.so
-e--- /usr/lib/gedit-2/plugins/libfilebrowser.so
-e--- /usr/lib/gedit-2/plugin-loaders/libcloader.so
-e--- /usr/bin/gedit
However, a check reveals:
Code:
hardened ~ # paxctl-ng -v $(which gedit)
/usr/bin/gedit:
PT_PAX : -e---
XATTR_PAX: not found
hardened linux # paxctl-ng -v /usr/lib/gedit-2/plugins/libmodelines.so
/usr/lib/gedit-2/plugins/libmodelines.so:
PT_PAX : -e---
XATTR_PAX: not found
Which leaves me totally baffled.
Anyone have an idea what I missed here?
UPDATE: I missed "will copy the PT_PAX flags to XATTR_PAX for every ELF object that portage knows about, except for those object which have the default flags".
I changed the PT_PAX from the default on one ELF and it transferred flags.
_________________
Good luck
Since installing gentoo, my life has become one long emerge
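The behaviour described in the update, as an added example that is not part of the original post: it parses `paxctl-ng -v` output in the layout shown above and separates files that migrate-pax skips because they carry default flags from files whose flags still need copying. Treating `-e---` as the default flag string is an assumption inferred from the post, and the `/opt/example` paths are constructed.

```python
import re

# Assumption: "-e---" is the default PT_PAX string, inferred from the post
# (gedit carried -e--- and migrate-pax left its XATTR_PAX unset).
DEFAULT_FLAGS = "-e---"

# Constructed sample in the `paxctl-ng -v` layout; /opt/example paths are hypothetical.
SAMPLE = """\
/usr/bin/gedit:
    PT_PAX   : -e---
    XATTR_PAX: not found
/opt/example/jit-app:
    PT_PAX   : -em--
    XATTR_PAX: -em--
/opt/example/stale:
    PT_PAX   : -em--
    XATTR_PAX: not found
"""

FIELD = re.compile(r"^\s*(PT_PAX|XATTR_PAX)\s*:\s*(.+?)\s*$")

def parse_paxctl(text):
    """Return {path: {"PT_PAX": value, "XATTR_PAX": value}}."""
    result, current = {}, None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m and current is not None:
            result[current][m.group(1)] = m.group(2)
        elif line.rstrip().endswith(":"):
            current = line.strip()[:-1]   # "path:" header line
            result[current] = {}
    return result

def classify(flags):
    """Explain the XATTR_PAX state of one file relative to its PT_PAX flags."""
    pt = flags.get("PT_PAX", "not found")
    xattr = flags.get("XATTR_PAX", "not found")
    if xattr != "not found":
        return "migrated" if pt in (xattr, "not found") else "mismatch"
    if pt in (DEFAULT_FLAGS, "not found"):
        return "default-skipped"      # nothing to copy; expected after migrate-pax
    return "needs-migration"          # non-default PT_PAX with no xattr copy

def audit(text):
    return {path: classify(f) for path, f in parse_paxctl(text).items()}

if __name__ == "__main__":
    for path, status in audit(SAMPLE).items():
        print(f"{status:16} {path}")
```

Only `needs-migration` and `mismatch` entries call for attention; `default-skipped` is the state the post ran into.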