On 5 Dec 2007 at 8:59, Grant wrote:

> No! Is that the problem? USE=multilib has no effect because they are
> all (-multilib). Should I switch my profile from:
>
> /usr/portage/profiles/hardened/amd64
>
> to:
>
> /usr/portage/profiles/hardened/amd64/multilib
>
> ?

khm, obviously if you want 32 bit apps on a 64 bit system you need
multilib... i wonder how you could even emerge the emul-* packages
in that profile, it should not be allowed.

> > since wengophone is binary only, obviously it's their problem .
>
> OK, I'm not familiar with RPATH.

no worries, it was a comment more for the generic dev ppl who are
lurking here and might take it up .

--
gentoo-hardened@gentoo.org mailing list

> > I don't know what RBAC is but I'm guessing I would know if I were
> > using it. I don't have grsec or any other "Security options" enabled
> > in the kernel at all.
>
> it's grsecurity's access control system and when not set up properly,
> it could also cause this ENOENT error.

grsec would have to be enabled in the kernel config though right? I
definitely don't have it enabled there.

> > Copying /bin/ls to /opt/bin/ls and executing it works perfectly.
>
> ok, so it's very likely a 32 bit only problem.
>
> > I don't know of any 32-bit binaries on my system except wengophone,
> > skype, and firefox-bin and they all fail.
>
> ok, another idea: have you got /lib/ld-linux.so.2 on your system? it's
> needed for dynamically linked apps, i think it's in emul-linux-x86-compat.

I do not have ld-linux.so.2 anywhere on my system but
emul-linux-x86-compat is installed. The ELOG for that package says
files are only installed in /usr/lib32/ and the closest things to
ld-linux.so.2 are /usr/lib32/ld-linux.so.1.9.11 and
/usr/lib32/ld-linux.so.1. I Googled but I can't figure out which
package ld-linux.so.2 belongs to. Any other package ideas?

> on a sidenote, the RPATH in qtwengophone is a disaster, someone should
> let them know...

Is it a Gentoo problem or upstream?

- Grant
--
gentoo-hardened@gentoo.org mailing list

> > > ok, another idea: have you got /lib/ld-linux.so.2 on your system? it's
> > > needed for dynamically linked apps, i think it's in emul-linux-x86-compat.
> >
> > I do not have ld-linux.so.2 anywhere on my system but
> > emul-linux-x86-compat is installed. The ELOG for that package says
> > files are only installed in /usr/lib32/ and the closest things to
> > ld-linux.so.2 are /usr/lib32/ld-linux.so.1.9.11 and
> > /usr/lib32/ld-linux.so.1. I Googled but I can't figure out which
> > package ld-linux.so.2 belongs to. Any other package ideas?
>
> ok, so that's your problem (missing interpreter for 32 bit binaries),
> and i was wrong, it doesn't come from that package but glibc itself,
> provided you have a multilib enabled profile (or USE flag?) - do you?

No! Is that the problem? USE=multilib has no effect because they are
all (-multilib). Should I switch my profile from:

/usr/portage/profiles/hardened/amd64

to:

/usr/portage/profiles/hardened/amd64/multilib

?

> > > on a sidenote, the RPATH in qtwengophone is a disaster, someone should
> > > let them know...
> >
> > Is it a Gentoo problem or upstream?
>
> since wengophone is binary only, obviously it's their problem .

OK, I'm not familiar with RPATH.

- Grant
--
gentoo-hardened@gentoo.org mailing list

On Wed, 05 Dec 2007 08:31:15 -0800
Ned Ludd <solar@gentoo.org> wrote:

> > Is it a Gentoo problem or upstream?
>
> I think it's unique to you. Remerge glibc and or create the proper
> symlink in /lib/ so that the PT_INTERP can be found.

Surely this is due to the OP using a non-multilib profile?

> $ emerge --info
> Portage 2.1.3.19 (hardened/amd64, gcc-3.4.6, glibc-2.6.1-r0,
> 2.6.22-hardened-r8 x86_64)

-atj
--
gentoo-hardened@gentoo.org mailing list

> > No! Is that the problem? USE=multilib has no effect because they are
> > all (-multilib). Should I switch my profile from:
> >
> > /usr/portage/profiles/hardened/amd64
> >
> > to:
> >
> > /usr/portage/profiles/hardened/amd64/multilib
> >
> > ?
>
> khm, obviously if you want 32 bit apps on a 64 bit system you need
> multilib... i wonder how you could even emerge the emul-* packages
> in that profile, it should not be allowed.

Nice, at least this is solved (by you). Is switching profiles
problematic or should I just switch the link and emerge world?

- Grant
--
gentoo-hardened@gentoo.org mailing list

On Wed, 2007-12-05 at 09:20 -0800, Grant wrote:
> > > No! Is that the problem? USE=multilib has no effect because they are
> > > all (-multilib). Should I switch my profile from:
> > >
> > > /usr/portage/profiles/hardened/amd64
> > >
> > > to:
> > >
> > > /usr/portage/profiles/hardened/amd64/multilib
> > >
> > > ?
> >
> > khm, obviously if you want 32 bit apps on a 64 bit system you need
> > multilib... i wonder how you could even emerge the emul-* packages
> > in that profile, it should not be allowed.
>
> Nice, at least this is solved (by you). Is switching profiles
> problematic or should I just switch the link and emerge world?


Complete reinstall.



--
Ned Ludd <solar@gentoo.org>
Gentoo Linux

--
gentoo-hardened@gentoo.org mailing list

> > > > No! Is that the problem? USE=multilib has no effect because they are
> > > > all (-multilib). Should I switch my profile from:
> > > >
> > > > /usr/portage/profiles/hardened/amd64
> > > >
> > > > to:
> > > >
> > > > /usr/portage/profiles/hardened/amd64/multilib
> > > >
> > > > ?
> > >
> > > khm, obviously if you want 32 bit apps on a 64 bit system you need
> > > multilib... i wonder how you could even emerge the emul-* packages
> > > in that profile, it should not be allowed.
> >
> > Nice, at least this is solved (by you). Is switching profiles
> > problematic or should I just switch the link and emerge world?
>
>
> Complete reinstall.

Any other option whatsoever to get on multilib?

- Grant
--
gentoo-hardened@gentoo.org mailing list

I'm not convinced it's a problem with multilib. The multilib use flag is deprecated and hard masked in most profiles (in fact, it takes a fair bit of juggling and profile mangling to get it back on). I would hesitate to say that it's multilib at all. I have an AMD64 system at work which is running hardened sources with pax, I will have to see what profile it's using and if it has the "multilib" flag at all.


It may not be hardened at all. I get ENOENT problems with filesystem corruptions, so I would recommend that you reboot with the livecd and fsck the partitions as well (it would at least be faster than a re-install).


On Dec 5, 2007 12:32 PM, Grant <emailgrant@gmail.com> wrote:

> > > > No! *Is that the problem? *USE=multilib has no effect because they are
> > > > all (-multilib). *Should I switch my profile from:
> > > >
> > > > /usr/portage/profiles/hardened/amd64

> > > >
> > > > to:
> > > >
> > > > /usr/portage/profiles/hardened/amd64/multilib
> > > >
> > > > ?
> > >
> > > khm, obviously if you want 32 bit apps on a 64 bit system you need

> > > multilib... i wonder how you could even emerge the emul-* packages
> > > in that profile, it should not be allowed.
> >
> > Nice, at least this is solved (by you). *Is switching profiles

> > problematic or should I just switch the link and emerge world?
>
>
> Complete reinstall.

Any other option whatsoever to get on multilib?

- Grant

--
gentoo-hardened@gentoo.org mailing list