Willie Wong wrote Wonko: > On Mon, Feb 11, 2008 at 11:24:49PM +0100, Penguin Lover Alex Schuster > squawked: > > I emerged -e again, this time without distcc and ccache. All compiled > > fine, except for media-video/mplayer-1.0_rc2_p24929-r1 > > (vf_decimate.c:26: error: can't find a register in class `BREG' while > > reloading `asm') and > > http://bugs.gentoo.org/show_bug.cgi?id=175627 > > Like you found below, it can be avoided using vanilla GCC. > That is why I still only have mplayer-1.0_rc1-r2, that one compiled > okay.
Isn't that the version with those many security holes? But then, looking at <http://www.mplayerhq.hu/design7/news.html>, it seems that all versions pre r25824 have some. > > x11-misc/xscreensaver-5.04: > > lockward.c:59: error: syntax error before "uint8_t" > > Not a problem with hardened. > http://bugs.gentoo.org/show_bug.cgi?id=208731 > Meanwhile, downgrade to 5.03, that one works. Thanks! > > But most annoying is that the nvidia drivers do not seem to work. > > First, > > what card and which drivers? 01:00.0 VGA compatible controller: nVidia Corporation NV15 [GeForce2 GTS/Pro] (rev a4) I have nvidia drivers version 71.86.01 running now. I also re-compiled xorg-server, with vanilla gcc, GLX is running fine again, and I am happy. > I have an old card that is not supported by drivers >= 1.0.9700, so > ... scratch that, I didn't notice that the versioning scheme changed. > > http://www.gentoo.org/doc/en/nvidia-guide.xml > > > they refused to compile telling me that this would do more harm than > > good with a hardened setup. I put them into packages.unmask, now they > > compile and the nvidia module loads, but still X has no GLX, xorg.0.log > > says "Failed to initialize GLX extension (NVIDIA X driver not found)", > > This really does not sound like a hardened issue... I need to upgrade > my drivers to the 96.* to see if I can reproduce your problem, but > with 1.0.8776 (from two years ago) I definitely do not have your > problem. Maybe I'll try again with hardened then. My experience with nvidia is that that it makes LOTS of trouble. This, and VMware, often made kerned updates a real pain for me. I often got those errors before, with the desktop profile, on different machines. > > glxinfo segfaults. I guess I will try to re-compile all X stuff with > > the vanilla gcc. > > glxinfo segfaulting is expected. Do you have chpax/paxctl installed? No, not yet. I must admit I do not know much about hardened yet, but I want to play around with it and get some experience, so I started with preparing the setup by setting the hardened profile and switching to a hardened kernel. > I have my entire system on the > hardened profile (including X and nvidia [yes, despite the warnings of > the hardened team about nvidia]) and no problems. My guess is that > your problem with GLX lies somewhere else. That's good to hear! So I will stick with hardened. > > Would it be possible to make these changes permanent, that is, can I > > tell portage to compile specific packages with a specific > > compiler? /etc/portage/package.compilerflavor or something? > > Don't know. On the wiki there is a way to switch CFLAGS, don't know if > something like that can be used to strip SSP and/or PIC flags from the > hardened. I don't find this information there, I guess I did not look hard enough. But there is /etc/portage/bashrc, I can put a little script in there, stripping those flags for the given packages. No problem. Thanks again, Wonko -- gentoo-user@lists.gentoo.org mailing list
