On Thu, 17 Nov 2016 08:24:40 +0200
Timo Teras <timo.teras_at_iki.fi> wrote:
> > > > b) Then I run crossbuild script, and I need remove paxmark lines
> > > > in gcc's APKBUILD as it returns an unknown error (while
> > > > creat-cross script runs just fine). AFAIK, it is about security
> > > > concerns, not system's functionality, so for now I guess it is
> > > > okay.
> > >
> > > Your kernel is probably built without XATTR support. paxmark
> > > requires XATTR enabled kernel.
> > I guess my x86_64 machine running grsec kernel (linux-grsec package)
> > is XATTR-enabled. I looked a little bit closer on the build log and
> > see this : http://sprunge.us/EIVE. When I try to run those $ paxctl
> > manually (code from /usr/sbin/paxmark), they just pass alright
> > with no output on stdout nor stderr. I also tried adding
> > --enable-xattr-support to configure script in gcc APKBUILD, but it
> > won't help. What do you think ?
> The kernel should be xattr enabled. What filesystem are you using?
> Perhaps there's some filesystem level knob (kernel config) or
$ df -T | grep sda
/dev/sda3 ext4 20473424 6217272 13196368 32% /
/dev/sda1 ext4 95054 16460 71426 19% /boot
$ cat /proc/fs/ext4/sda1/options | grep xattr
$ cat /proc/fs/ext4/sda3/options | grep xattr
> > Another problem I am having is when cross-compiling linux-vanilla
> > package using aports/scripts/bootstrap.sh : http://sprunge.us/AAcA.
> > I am reading abuild source code to find the cause but still nothing
> > new. It'd be nice if you help me to have a look.
> Bootstrap script was not yet updated for libressl change. I'll take a
> look at this. I think the only change needed is to build libressl
> instead of openssl. I'll push fix for this soon.
Actually this occurred to me before libress was adopted. After libressl
was introduced, I also changed Bootstrap script, libressl APKBUILD,
kernel config to adop libressl too, but still the bug. So I guess it's
more likely coming from abuild. Here are some of my patches, in case
you might want to have a look.
Received on Sat Nov 19 2016 - 04:15:48 GMT