Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

grsecurity kills the debian package build #1

Open
oholiab opened this issue Nov 10, 2017 · 0 comments
Open

grsecurity kills the debian package build #1

oholiab opened this issue Nov 10, 2017 · 0 comments

Comments

@oholiab
Copy link

oholiab commented Nov 10, 2017

When attempting to build the debian package for sublogmon-gui, grsecurity and PAX kill the setup of one of the packages inside the pbuilder chroot.

With master tagged as build

user@subgraph/pts/1:~/sublogmon-gui [debian-test]> cat debian/gbp.conf
[DEFAULT]
builder = git-pbuilder
debian-branch = master
upstream-tree = TAG
upstream-vcs-tag = build
postbuild = lintian --profile debian -iIE --pedantic $GBP_CHANGES_FILE && echo "Lintian OK"

[buildpackage]
debian-branch = debian-test
upstream-tag = build
overlay = True
export-dir = /tmp/build-area
upstream-tree = TAG

[dch]
debian-branch = debian-test
upstream-tree = TAG
upstream-tag = build
git-log = --no-merges
user@subgraph/pts/1:~/sublogmon-gui [debian-test]>

Attempt to build:

user@subgraph/pts/1:~/sublogmon-gui [debian-test]> DIST=stretch gbp buildpackage -us -uc
...
Setting up libmono-system-security4.0-cil (4.6.2.7+dfsg-1) ...
Setting up libmono-system-configuration4.0-cil (4.6.2.7+dfsg-1) ...
Setting up libmono-system4.0-cil (4.6.2.7+dfsg-1) ...
Setting up libglib2.0-cil (2.12.40-2) ...
Killed
Use of uninitialized value $_ in scalar chomp at /usr/share/cli-common/runtimes.d/mono line 275.
Use of uninitialized value $fullname in concatenation (.) or string at /usr/share/cli-common/runtimes.d/mono line 225.
Killed
E: installing Assembly /usr/share/cli-common/policies.d/libglib2.0-cil/policy.2.6.glib-sharp.dll failed
E: Installation of policy.2.6.glib-sharp with /usr/share/cli-common/runtimes.d/mono failed
dpkg: error processing package libglib2.0-cil (--configure):
 subprocess installed post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of libgio-cil:
 libgio-cil depends on libglib2.0-cil (>= 2.12.10-1ubuntu1); however:
  Package libglib2.0-cil is not configured yet.

dpkg: error processing package libgio-cil (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of golang-github-gotk3-gotk3-dev:
 golang-github-gotk3-gotk3-dev depends on libgio-cil; however:
  Package libgio-cil is not configured yet.

dpkg: error processing package golang-github-gotk3-gotk3-dev (--configure):
 dependency problems - leaving unconfigured
Processing triggers for libc-bin (2.24-11+deb9u1) ...
Processing triggers for libgdk-pixbuf2.0-0:amd64 (2.36.5-2) ...
Errors were encountered while processing:
 libglib2.0-cil
 libgio-cil
 golang-github-gotk3-gotk3-dev
E: Sub-process /usr/bin/dpkg returned an error code (1)
Setting up libglib2.0-cil (2.12.40-2) ...
Killed
W: removing assembly:  failed!
Killed
Use of uninitialized value $_ in scalar chomp at /usr/share/cli-common/runtimes.d/mono line 275.
Use of uninitialized value $fullname in concatenation (.) or string at /usr/share/cli-common/runtimes.d/mono line 225.
Killed
E: installing Assembly /usr/share/cli-common/policies.d/libglib2.0-cil/policy.2.6.glib-sharp.dll failed
E: Installation of policy.2.6.glib-sharp with /usr/share/cli-common/runtimes.d/mono failed
dpkg: error processing package libglib2.0-cil (--configure):
 subprocess installed post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of libgio-cil:
 libgio-cil depends on libglib2.0-cil (>= 2.12.10-1ubuntu1); however:
  Package libglib2.0-cil is not configured yet.

dpkg: error processing package libgio-cil (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of golang-github-gotk3-gotk3-dev:
 golang-github-gotk3-gotk3-dev depends on libgio-cil; however:
  Package libgio-cil is not configured yet.

dpkg: error processing package golang-github-gotk3-gotk3-dev (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 libglib2.0-cil
 libgio-cil
 golang-github-gotk3-gotk3-dev
Reading package lists...
Building dependency tree...
Reading state information...
Reading extended state information...
Initializing package states...
Writing extended state information...
Building tag database...
E: pbuilder-satisfydepends failed.
I: Copying back the cached apt archive contents
I: unmounting dev/ptmx filesystem
I: unmounting dev/pts filesystem
I: unmounting dev/shm filesystem
I: unmounting proc filesystem
I: unmounting sys filesystem
I: Cleaning COW directory
I: forking: rm -rf /var/cache/pbuilder/build/cow.5208
gbp:error: 'git-pbuilder -us -uc' failed: it exited with 1
user@subgraph/pts/1:~/sublogmon-gui [debian-test]>

dmesg output caused by build:

[27967.617020] PAX: execution attempt in: <anonymous mapping>, 400aa000-400ba000 400aa000
[27967.617027] PAX: terminating task: /usr/bin/mono-sgen(Main):18921, uid/euid: 0/0, PC: 00000000400aabd0, SP: 000003b0bc0cd748
[27967.617029] PAX: bytes at PC: 55 48 8b ec 48 83 ec 60 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0

[27967.617041] PAX: bytes at SP-8: 0000002d9d9c3570 0000002d99cbc979 0000000000000018 0000000099e6be07 0000000000000001 000003b0bc0cdaa0 0000000000000000 0000002d9d9cc4a8 0000002d9d9c3570 0000002d9d99bf80 0000000000000000

[27967.617140] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /var/cache/pbuilder/build/cow.5208/usr/bin/mono-sgen[Main:18921] uid/euid:0/0 gid/egid:0/0, parent /var/cache/pbuilder/build/cow.5208/bin/dash[sh:18920] uid/euid:0/0 gid/egid:0/0
[27967.629440] PAX: execution attempt in: <anonymous mapping>, 41cb5000-41cc5000 41cb5000
[27967.629449] PAX: terminating task: /usr/bin/mono-sgen(Main):18924, uid/euid: 0/0, PC: 0000000041cb5bd0, SP: 000003b4a630abf8
[27967.629452] PAX: bytes at PC: 55 48 8b ec 48 83 ec 60 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0

[27967.629473] PAX: bytes at SP-8: 0000003fe178c9a0 0000003fe10a6979 0000000000000018 00000000e1255e07 0000000000000001 000003b4a630af50 0000000000000000 0000003fe17958d8 0000003fe178c9a0 0000003fe1765370 0000000000000000

[27967.629600] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /var/cache/pbuilder/build/cow.5208/usr/bin/mono-sgen[Main:18924] uid/euid:0/0 gid/egid:0/0, parent /var/cache/pbuilder/build/cow.5208/bin/dash[sh:18923] uid/euid:0/0 gid/egid:0/0
[27968.060563] PAX: execution attempt in: <anonymous mapping>, 41413000-41423000 41413000
[27968.060570] PAX: terminating task: /usr/bin/mono-sgen(Main):18945, uid/euid: 0/0, PC: 0000000041413bd0, SP: 000003cf91360778
[27968.060572] PAX: bytes at PC: 55 48 8b ec 48 83 ec 60 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0

[27968.060585] PAX: bytes at SP-8: 0000005172569ba0 0000005171ea3979 0000000000000018 0000000072052e07 0000000000000001 000003cf91360ad0 0000000000000000 0000005172572ad8 0000005172569ba0 0000005172542570 0000000000000000

[27968.060683] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /var/cache/pbuilder/build/cow.5208/usr/bin/mono-sgen[Main:18945] uid/euid:0/0 gid/egid:0/0, parent /var/cache/pbuilder/build/cow.5208/bin/dash[sh:18944] uid/euid:0/0 gid/egid:0/0
[27968.105745] PAX: execution attempt in: <anonymous mapping>, 41c3b000-41c4b000 41c3b000
[27968.105751] PAX: terminating task: /usr/bin/mono-sgen(Main):18956, uid/euid: 0/0, PC: 0000000041c3bbd0, SP: 000003c043c957b8
[27968.105753] PAX: bytes at PC: 55 48 8b ec 48 83 ec 60 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0

[27968.105765] PAX: bytes at SP-8: 000000741f639e30 000000741db76979 0000000000000018 000000001dd25e07 0000000000000001 000003c043c95b10 0000000000000000 000000741f642d68 000000741f639e30 000000741f612850 0000000000000000

[27968.105862] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /var/cache/pbuilder/build/cow.5208/usr/bin/mono-sgen[Main:18956] uid/euid:0/0 gid/egid:0/0, parent /var/cache/pbuilder/build/cow.5208/bin/dash[sh:18955] uid/euid:0/0 gid/egid:0/0
[27968.117896] PAX: execution attempt in: <anonymous mapping>, 41dfb000-41e0b000 41dfb000
[27968.117903] PAX: terminating task: /usr/bin/mono-sgen(Main):18959, uid/euid: 0/0, PC: 0000000041dfbbd0, SP: 000003a66c00e678
[27968.117905] PAX: bytes at PC: 55 48 8b ec 48 83 ec 60 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0

[27968.117918] PAX: bytes at SP-8: 000000476e43d010 000000476b182979 0000000000000018 000000006b331e07 0000000000000001 000003a66c00e9d0 0000000000000000 000000476e445f48 000000476e43d010 000000476e4159e0 0000000000000000

[27968.118012] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /var/cache/pbuilder/build/cow.5208/usr/bin/mono-sgen[Main:18959] uid/euid:0/0 gid/egid:0/0, parent /var/cache/pbuilder/build/cow.5208/bin/dash[sh:18958] uid/euid:0/0 gid/egid:0/0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant