Hi!
On Sat, Jun 07, 2014 at 11:48:53PM +0200, "Tóth Attila" wrote:
> > Some time ago I noticed this in kernel logs:
> > kern.alert: grsec: denied RWX mmap of <anonymous mapping> by
> > /usr/lib64/python-exec/python2.7/layman[layman:9717] uid/euid:0/0
> > gid/egid:0/0, parent /bin/bash[sh:9695] uid/euid:0/0 gid/egid:0/0
> > Looks like it doesn't break layman, but I still wonder why it happens and
> > is it possible to fix this (without paxmarking python, of course)?
> I don't see this in my logs. The python executable has the "E" flag on my
> systems.
I've just re-emerged both pythons, here is flags:
# paxctl-ng -v /usr/bin/python?.?
/usr/bin/python2.7:
PT_PAX : -e---
XATTR_PAX : -E---
/usr/bin/python3.3:
PT_PAX : -e---
XATTR_PAX : -E---
Next, I've run eix-sync and get this in kernel log:
2014-06-07_23:07:50.51597 kern.alert: grsec: denied RWX mmap of <anonymous
mapping> by /usr/lib64/python-exec/python2.7/layman[layman:3854] uid/euid:0/0
gid/egid:0/0, parent /bin/bash[sh:3830] uid/euid:0/0 gid/egid:0/0
2014-06-07_23:07:50.82796 kern.alert: grsec: denied RWX mmap of <anonymous
mapping> by /usr/bin/python3.3[emerge:3977] uid/euid:0/0 gid/egid:0/0, parent
/bin/bash[sh:3830] uid/euid:0/0 gid/egid:0/0
2014-06-07_23:07:56.00097 kern.alert: grsec: denied RWX mmap of <anonymous
mapping> by /usr/bin/python3.3[egencache:4009] uid/euid:0/0 gid/egid:0/0,
parent /bin/bash[sh:3830] uid/euid:0/0 gid/egid:0/0
2014-06-07_23:07:56.39894 kern.alert: grsec: denied RWX mmap of <anonymous
mapping> by /usr/bin/python3.3[egencache:4028] uid/euid:0/0 gid/egid:0/0,
parent /bin/bash[sh:3830] uid/euid:0/0 gid/egid:0/0
# cat /etc/eix-sync.conf
*
@egencache --repo=powerman --update
@egencache --repo=local --update
--
WBR, Alex.
