headers
Laszlo 'GCS' Boszormenyi | 29 Jul 2004 22:04
Picon

gradm2 CVS bug

Hi,

 OK, I made myself a bit bad time. I let gradm2 2.0 create /dev/grsec as
'c 1 10', and as I have switched to the CVS version, it said it does not
exists anymore. The problem was that Spender changed the minor number, thus
it is 'c 1 12' now.
 Btw, the CVS version, which was checked out yesterday dumps core for
me (strace output coming):
[...]
stat64("/usr/bin/ssh", {st_mode=S_IFREG|0755, st_size=226168, ...}) = 0
lstat64("/etc/ssh/ssh_config", {st_mode=S_IFREG|0644, st_size=1185,
...}) = 0
read(3, "", 8192)                       = 0
ioctl(3, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbfbcd370) = -1 ENOTTY
(Inappropriate ioctl for device)
--- SIGSEGV (Segmentation fault)  <at>  0 (0) ---
+++ killed by SIGSEGV +++

Am I doing wrong something maybe, or is it a bug in gradm2?

Cheers,
Laszlo/GCS
Permalink | Reply | 2 comments |
headers
spender | 29 Jul 2004 22:10
Favicon

Re: gradm2 CVS bug

>  OK, I made myself a bit bad time. I let gradm2 2.0 create /dev/grsec as
> 'c 1 10', and as I have switched to the CVS version, it said it does not
> exists anymore. The problem was that Spender changed the minor number, thus
> it is 'c 1 12' now.

make install should have removed the old device and installed the new 
one.  Did it not do that, or did you not run make install?

>  Btw, the CVS version, which was checked out yesterday dumps core for
> me (strace output coming):

A crash caused by the new directory including code was fixed yesterday.  
You must have grabbed the source just before it was fixed.

-Brad
Permalink | Reply | 1 comment |
headers
Laszlo 'GCS' Boszormenyi | 29 Jul 2004 22:39
Picon

Re: gradm2 CVS bug

* spender@...
<spender@...> [2004-07-29 16:10:33 -0400]:

> make install should have removed the old device and installed the new 
> one.  Did it not do that, or did you not run make install?
 I did 'make install'; I just have two machines, one with gcc and one
without: where I compiled and installed I can not currently use
grsecurity, but copied over the binary to the other machine. I have seen
that acl was renamed policy, and did that by hand on the other machine,
but missed the device change.

> A crash caused by the new directory including code was fixed yesterday.  
> You must have grabbed the source just before it was fixed.
 Seems just before the fix. Updated the source, recompiled and
transfered to the other machine and it is working now. Thanks for the
quick response.

My luck,
Laszlo/GCS
Permalink | Reply | 0 comments |
headers
Marc-Christian Petersen | 30 Jul 2004 12:05
Picon

Re: binutils 2.15.91.0.1 + PaX patch for Debian SID

On Saturday 24 July 2004 21:33, Lucas Albers wrote:

Hi Lucas,

> > I've done new binutils with PaX patch for Debian SID (unstable) usage
> > Next on my todo is newest libc which works with NOVSYSCALL from PaX. I
> > don't
> > want to wait another 2 years for Debian to fix that up :p

> I take debian just won't make these changes to to binutils and libc?
> Why not, I wonder.

maybe debian policy or whatever ... ;( I think they won't take these, never 
ever, and if I am wrong, maybe in 2-3 years *scnr*


> Are they major changes?
> Have you filed bugs against the mainstream packages?

Well, just read the changelog. zless /usr/share/doc/binutils/changelog.gz
I'm not aware of major bugs.

Debian just got binutils 2.15 into SID. Available tomorrow, or now from 
incoming.debian.org. Unforunately even w/o relro support.

I'm just cooking up a new binutils package based on cvs from today with relro 
and PaX support. After that finally a new glibc package with fixed vsyscall. A 
bug report for glibc exists since months but they only fix man page issues or 
typos and kinda that instead of real bugs.
(Continue reading)

Permalink | Reply | 8 comments |
headers
spender | 30 Jul 2004 12:35
Favicon

Re: binutils 2.15.91.0.1 + PaX patch for Debian SID

> I'm just cooking up a new binutils package based on cvs from today with relro 
> and PaX support. After that finally a new glibc package with fixed vsyscall. A 
> bug report for glibc exists since months but they only fix man page issues or 
> typos and kinda that instead of real bugs.

Actually there's a new glibc package that fixes the bug with vsyscall.  
http://gotom.jp/~gotom/debian/glibc/2.3.2.ds1-14/

-Brad
Permalink | Reply | 4 comments |
headers
Marc-Christian Petersen | 30 Jul 2004 12:58
Picon

Re: binutils 2.15.91.0.1 + PaX patch for Debian SID

On Friday 30 July 2004 12:05, Marc-Christian Petersen wrote:

> I'm just cooking up a new binutils package based on cvs from today with
> relro and PaX support.

the packages are online. Just apt-get update, apt-get upgrade if you have:

deb http://debian.linux-systeme.com      sid      main
deb-src http://debian.linux-systeme.com  sid      main

in your apt.conf. It's binutils 2.15.20040730-1

--

-- 
ciao, Marc
Permalink | Reply | 2 comments |
headers
Chris Humphries | 30 Jul 2004 21:19

Re: binutils 2.15.91.0.1 + PaX patch for Debian SID

hostname doesn't resolve.

debian.linux-system.com does though, possible type-o?

Marc-Christian Petersen wrote:
> On Friday 30 July 2004 12:05, Marc-Christian Petersen wrote:
> 
> 
> 
>>I'm just cooking up a new binutils package based on cvs from today with
>>relro and PaX support.
> 
> 
> the packages are online. Just apt-get update, apt-get upgrade if you have:
> 
> deb http://debian.linux-systeme.com      sid      main
> deb-src http://debian.linux-systeme.com  sid      main
> 
> in your apt.conf. It's binutils 2.15.20040730-1
>
Permalink | Reply | 1 comment |
headers
Marc-Christian Petersen | 30 Jul 2004 22:08
Picon

Re: binutils 2.15.91.0.1 + PaX patch for Debian SID

On Friday 30 July 2004 21:19, Chris Humphries wrote:

> hostname doesn't resolve.
> debian.linux-system.com does though, possible type-o?

nope. linux-system.com isn't me nor my company.

debian.linux-systeme.com resolves. I don't know why it does not for you?! 
*wondering*

--

-- 
ciao, Marc
Permalink | Reply | 0 comments |

Gmane