On Thu, May 17, 2012 at 5:40 PM, "Tóth Attila" <[email protected]> wrote: > How would I change the way /dev gets mounted? I don't have noexec as an > option listed by mount for the udev entry.
I mount devtmpfs on /dev in initramfs, but you can add an entry to /etc/fstab, too — see /etc/init.d/udev-mount for details (referring to OpenRC 0.9.8.4 here). > In my policy file Xorg is permitted to execute /dev/mem: is that no longer > needed? I use the radeon driver, not the proprietary. I didn't encounter any issues with radeon. Apparently, executing /dev/mem is not needed for any open-source Xorg drivers in portage tree. The only issue I have seen is that sometimes there is a /dev/mem *write* failure when FB_UVESA kernel module is loaded, but that is caused by GRKERNSEC_KMEM, not /dev noexec, and is apparently harmless (however, I use v86d[x86emu], so YMMV). -- Maxim Kammerer Liberté Linux (discussion / support: http://dee.su/liberte-contribute)
