FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Hardened

 
 
LinkBack Thread Tools
 
Old 12-04-2007, 10:18 PM
Grant
 
Default Hardened laptop: am I nuts?

I installed a hardened profile on my new laptop and I'm having major
issues with apps like vmware, skype, wengo, and firefox-bin. Is
anyone else using a hardened desktop system with a hardened profile?
Am I nuts?

- Grant
--
gentoo-hardened@gentoo.org mailing list
 
Old 12-04-2007, 11:46 PM
Ned Ludd
 
Default Hardened laptop: am I nuts?

On Tue, 2007-12-04 at 15:18 -0800, Grant wrote:
> I installed a hardened profile on my new laptop and I'm having major
> issues with apps like vmware, skype, wengo, and firefox-bin.

The problems you say are major are actually pretty trivial.
Search our mailing list most of those programs have been covered as
well as the work-a-rounds before. hints: dmesg, paxctl, paxctl -C,
$EDITOR,emerge -C, etc...

> Is anyone else using a hardened desktop system with a hardened profile?

Yes. Lots of us do..

> Am I nuts?

I'm not qualified to answer this question.

> - Grant

--
gentoo-hardened@gentoo.org mailing list
 
Old 12-04-2007, 11:50 PM
 
Default Hardened laptop: am I nuts?

On 4 Dec 2007 at 17:08, Grant wrote:

> > Search our mailing list most of those programs have been covered as
> > well as the work-a-rounds before.
>
> I've been subscribed to this list since 09/2004. It's all in my gmail
> account and "skype", "vmware", "wango", and "firefox-bin" searches
> bring up about 4 messages each (including this one). None describe my
> problem.

to be honest, you haven't exactly described your problem(s) either...

--
gentoo-hardened@gentoo.org mailing list
 
Old 12-04-2007, 11:59 PM
Grant
 
Default Hardened laptop: am I nuts?

> > I installed a hardened profile on my new laptop and I'm having major
> > issues with apps like vmware, skype, wengo, and firefox-bin.
>
> The problems you say are major are actually pretty trivial.

If you mean the problem of not being able to use those programs is
trivial I must disagree, but if you mean its a trivial problem that
keeps me from using those programs, then I hope so.

> Search our mailing list most of those programs have been covered as
> well as the work-a-rounds before. hints: dmesg, paxctl, paxctl -C,
> $EDITOR,emerge -C, etc...

The only one I'm unfamiliar with there is paxctl and I'm not using PAX
in the kernel. Does having a hardened profile mean I'm using PAX in
another way? I'll do a mailing list search for the program names I
listed.

- Grant
--
gentoo-hardened@gentoo.org mailing list
 
Old 12-05-2007, 12:00 AM
"Alex Howells"
 
Default Hardened laptop: am I nuts?

> > Is anyone else using a hardened desktop system with a hardened profile?
>
> Yes. Lots of us do..

Fuel the paranoia! Plenty of good reasons to run a hardened profile
on your desktop Have you gone down the route of using
hardened-sources, or are you using RSBAC? Maybe you went for SELinux?
More info required...

> > Am I nuts?
>
> I'm not qualified to answer this question.

I'm an amateur psychologist, so answer for me;

* Do you dream about men in white lab coats?
* Are aliens conspiring to h4xx0r your desktop?
* Is the NSA really watching you? Right now?
* Does Paris Hilton really have genius-level intellect?
* Is your first name Grant?

If your answer to two (or more) of the above is 'YES' then you may
need help. Dial 1-800-COMMITME right away!
--
gentoo-hardened@gentoo.org mailing list
 
Old 12-05-2007, 12:08 AM
Grant
 
Default Hardened laptop: am I nuts?

> Search our mailing list most of those programs have been covered as
> well as the work-a-rounds before.

I've been subscribed to this list since 09/2004. It's all in my gmail
account and "skype", "vmware", "wango", and "firefox-bin" searches
bring up about 4 messages each (including this one). None describe my
problem.

- Grant
--
gentoo-hardened@gentoo.org mailing list
 
Old 12-05-2007, 12:11 AM
Grant
 
Default Hardened laptop: am I nuts?

> > > Is anyone else using a hardened desktop system with a hardened profile?
> >
> > Yes. Lots of us do..
>
> Fuel the paranoia! Plenty of good reasons to run a hardened profile
> on your desktop Have you gone down the route of using
> hardened-sources, or are you using RSBAC? Maybe you went for SELinux?
> More info required...

I'm indeed using hardened-sources.

> > > Am I nuts?
> >
> > I'm not qualified to answer this question.
>
> I'm an amateur psychologist, so answer for me;
>
> * Do you dream about men in white lab coats?
> * Are aliens conspiring to h4xx0r your desktop?
> * Is the NSA really watching you? Right now?
> * Does Paris Hilton really have genius-level intellect?
> * Is your first name Grant?
>
> If your answer to two (or more) of the above is 'YES' then you may
> need help. Dial 1-800-COMMITME right away!

You sarcasm is so thick I can't get at the substance. Care to water
it down? Something like "a hardened laptop is a good idea" or
alternatively "a hardened laptop is a bad idea" or even "a hardened
laptop is OK".

- Grant
--
gentoo-hardened@gentoo.org mailing list
 
Old 12-05-2007, 12:17 AM
 
Default Hardened laptop: am I nuts?

On 4 Dec 2007 at 18:11, Grant wrote:

> $ skype
> /usr/bin/skype: line 10: /opt/skype/skype: No such file or directory
> /usr/bin/skype: line 10: /opt/skype/skype: Success
> $ wengophone
> /opt/bin/wengophone: line 10: /opt/wengophone/qtwengophone: No such
> file or directory
> /opt/bin/wengophone: line 10: /opt/wengophone/qtwengophone: Success
> $ firefox-bin
> /usr/libexec/mozilla-launcher: line 368:
> /opt/firefox/mozilla-xremote-client: No such file or directory
> Unknown error 127 from mozilla-xremote-client
> /usr/libexec/mozilla-launcher: line 460: /opt/firefox/firefox-bin: No
> such file or directory
> firefox-bin exited with non-zero status (127)
>
> All of the errors are very similar, and all of the files they say
> don't exist definitely do.

all of them seem to be in /opt. is that a special mount with noexec
set perhaps? otherwise you could 'strace -f' one of these and check
what exactly fails.

--
gentoo-hardened@gentoo.org mailing list
 
Old 12-05-2007, 01:11 AM
Grant
 
Default Hardened laptop: am I nuts?

> > > Search our mailing list most of those programs have been covered as
> > > well as the work-a-rounds before.
> >
> > I've been subscribed to this list since 09/2004. It's all in my gmail
> > account and "skype", "vmware", "wango", and "firefox-bin" searches
> > bring up about 4 messages each (including this one). None describe my
> > problem.
>
> to be honest, you haven't exactly described your problem(s) either...

You're right. I get this:

$ skype
/usr/bin/skype: line 10: /opt/skype/skype: No such file or directory
/usr/bin/skype: line 10: /opt/skype/skype: Success
$ wengophone
/opt/bin/wengophone: line 10: /opt/wengophone/qtwengophone: No such
file or directory
/opt/bin/wengophone: line 10: /opt/wengophone/qtwengophone: Success
$ firefox-bin
/usr/libexec/mozilla-launcher: line 368:
/opt/firefox/mozilla-xremote-client: No such file or directory
Unknown error 127 from mozilla-xremote-client
/usr/libexec/mozilla-launcher: line 460: /opt/firefox/firefox-bin: No
such file or directory
firefox-bin exited with non-zero status (127)

All of the errors are very similar, and all of the files they say
don't exist definitely do.

- Grant
--
gentoo-hardened@gentoo.org mailing list
 
Old 12-05-2007, 09:31 AM
"Alex Howells"
 
Default Hardened laptop: am I nuts?

On 05/12/2007, pageexec@freemail.hu <pageexec@freemail.hu> wrote:
> On 4 Dec 2007 at 18:11, Grant wrote:
>
> > $ skype
> > /usr/bin/skype: line 10: /opt/skype/skype: No such file or directory
> > /usr/bin/skype: line 10: /opt/skype/skype: Success
> > $ wengophone
> > /opt/bin/wengophone: line 10: /opt/wengophone/qtwengophone: No such
> > file or directory
> > /opt/bin/wengophone: line 10: /opt/wengophone/qtwengophone: Success
> > $ firefox-bin
> > /usr/libexec/mozilla-launcher: line 368:
> > /opt/firefox/mozilla-xremote-client: No such file or directory
> > Unknown error 127 from mozilla-xremote-client
> > /usr/libexec/mozilla-launcher: line 460: /opt/firefox/firefox-bin: No
> > such file or directory
> > firefox-bin exited with non-zero status (127)
> >
> > All of the errors are very similar, and all of the files they say
> > don't exist definitely do.
>
> all of them seem to be in /opt. is that a special mount with noexec
> set perhaps? otherwise you could 'strace -f' one of these and check
> what exactly fails.

It'd also be very useful to see the output of 'emerge --info' so we
can tell what profile you're using, any awkward CFLAGs which aren't
compatible with hardened which might have been enabled...

My earlier post wasn't really sarcasm, just badly done humour You
can blame it on me being Welsh, or whatever.
--
gentoo-hardened@gentoo.org mailing list
 

Thread Tools




All times are GMT. The time now is 11:21 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org