Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED]opera: "Failed to set up core", segfaults (hardened)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
eminenz
Tux's lil' helper
Tux's lil' helper


Joined: 16 Jul 2006
Posts: 90

PostPosted: Fri May 10, 2013 2:48 pm    Post subject: [SOLVED]opera: "Failed to set up core", segfaults Reply with quote

Hi!

I recently switched to the hardened gentoo kernel 3.7.5 and profile and successfully rebuilt the system ebuild class.
I have configured
Code:
PAX_MARKINGS="XT
" in /etc/make.conf, and have an XATTR supporting FS and kernel.

In this configuration, I am unable to start opera at all. Starting yields
Quote:
~ $ opera
opera: Failed to set up core.

And many other program segfault.

I tried setting more "disable ....." pax-flags for the binaries using paxctl, even tried them all after it didn't help to just disable Mprotect and RandMMap.

Many other programs crash, too, giving away segfaults messages.

The behaviour is the same when I boot in softmode (pax_softmode=1), I have the impression it is ignored just as the pax xattr markings, although the kernel supports it.

I noticed that in the postinst phase of the emerge the following error comes up:

Code:
LOG: install
Failed to set XATTR_PAX markings -m for:
     /var/tmp/portage/www-client/opera-12.15_p1748/image///usr/lib/opera/liboperagtk3.so

However I'm able to manually set them. Well, it didn't help.

Something similar happens for Libreoffice; that's working nice, though.
Quote:
Failed to set XATTR_PAX markings -m for:
/usr/lib/libreoffice/program/soffice.bin
Failed to set XATTR_PAX markings -m for:
/usr/lib/libreoffice/program/unopkg.bin




I also have trouble to debug the segfaults, as gdb doesn't work either, regradless of softmode, the flags of any binary or the flags of the gdb executable itself. I adhered to the hardened debugging guide, but it doesn't work for me.


I somehow have the impression pax doesn't "read" the xattr flags or accept softmode being enabled.
Can anybody give me a hint where the problem is?
Most other browsers segfault, too, it's not fun to browse and write on a mobile phone :(

Thanks!


Last edited by eminenz on Sun May 12, 2013 8:25 pm; edited 1 time in total
Back to top
View user's profile Send private message
eminenz
Tux's lil' helper
Tux's lil' helper


Joined: 16 Jul 2006
Posts: 90

PostPosted: Fri May 10, 2013 6:15 pm    Post subject: Reply with quote

ok, I realized:
PAX-Flags are not written to the disk at all.

Code:
eminenz # paxctl-ng -rm /usr/bin/opera
eminenz # paxctl-ng -v /usr/bin/opera
/usr/bin/opera:
   XATTR_PAX: not found


Any help, why xattr maybe could not be stored to disk?
The kernel supports ext-filesystems with xattr.
setfattr is accessible
Back to top
View user's profile Send private message
eminenz
Tux's lil' helper
Tux's lil' helper


Joined: 16 Jul 2006
Posts: 90

PostPosted: Sun May 12, 2013 8:22 pm    Post subject: Reply with quote

got it.
pax does not use trusted or security extended attribute namespace, it uses USER namespace.
Access to the former one has to be explicitly enabled during filesystem mount via the user_xattr option.

I didn't expect that. Setting that option solved it at once.

Code:
grep -e user_xattr /etc/fstab
/dev/sda1      /         ext2   defaults,relatime,nodiratime,user_xattr      0 1
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum