From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LpOye-0006A4-Rr for garchives@archives.gentoo.org; Thu, 02 Apr 2009 15:37:13 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 05618E0432; Thu, 2 Apr 2009 15:37:11 +0000 (UTC) Received: from qw-out-1920.google.com (qw-out-1920.google.com [74.125.92.145]) by pigeon.gentoo.org (Postfix) with ESMTP id C7CF8E0432 for ; Thu, 2 Apr 2009 15:37:10 +0000 (UTC) Received: by qw-out-1920.google.com with SMTP id 5so473428qwc.10 for ; Thu, 02 Apr 2009 08:37:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=15hTOBP3wKEkxgs8Ls0VMU3p4Hxqj6y0ozvwX6RQ/w0=; b=va1HQ4YYd+5JBID5U7D+iqnPVISd14QgAHjJInQ+rtkwVqHKyRL03frn8Khu9uJvwo JVXA4Ph7nkPPzWRuuBo94qM4vyzX0nkcSK8FdVrAhx06UuHePV0pnQRqMWWKOKrElw50 yP/NTVZiZ9gS4Biga4t7uLXXTNNrKQx6f3tRY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=czKsjpL2EcFf2q2bGlkmrwC28l5YVor13tzYxKL65wI3yGg8a7R21vyiJy9BgZCJ67 9eEycfr0FH3UKCtXXioh6jwLB9yPa+6F/aCmTBGLyupqAyDyMJMcScAeIkbk2pf9orl1 XMVdsXxfYCU/DcZhsNOVeKIRa1eqhjUavoaFs= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Received: by 10.220.45.205 with SMTP id g13mr268093vcf.64.1238686629655; Thu, 02 Apr 2009 08:37:09 -0700 (PDT) In-Reply-To: <20090402152926.GH32102@home.power> References: <20090402140533.GG32102@home.power> <20090402152926.GH32102@home.power> Date: Thu, 2 Apr 2009 09:37:09 -0600 Message-ID: <4255c2570904020837n128d8ca2ga66c30506b4f3566@mail.gmail.com> Subject: Re: [gentoo-hardened] 2.6.28-hardened-r7 hangs before starting /sbin/init From: RB To: gentoo-hardened@lists.gentoo.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Archives-Salt: 1cd3ea37-a613-4701-aca2-07f7022481dc X-Archives-Hash: 1c72bd21f81a0a8b240f203a85ebb021 On Thu, Apr 2, 2009 at 09:29, Alex Efros wrote: > Hi! > > switching off CONFIG_PAX_MPROTECT solve this issue > > Now I'll try to paxctl -m for /bin/bash and /sbin/runit-init (with > switched on CONFIG_PAX_MPROTECT, of course)... yeah, that solves this > issue too. > > > So, now we've very strange situation: PaX require -m for process N1. > This isn't related to my init (runit-init) because same happens for bash. > This happens only on one server - several other servers with exactly same > hardware, kernel and gentoo configuration doesn't have this issue. I question whether your configurations are *precisely* the same. If I had to guess (and I do), I'd guess that the system in question wasn't wholly built with the -hardened toolchain. Once you grow beyond a few identical systems, it often becomes beneficial to use a single central build system and PORTAGE_BINHOST with 'emerge -gK' to install the other systems.