From owner-freebsd-stable@FreeBSD.ORG Mon Oct 5 14:48:39 2009 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 54A22106566B for ; Mon, 5 Oct 2009 14:48:39 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by mx1.freebsd.org (Postfix) with ESMTP id 006C28FC13 for ; Mon, 5 Oct 2009 14:48:38 +0000 (UTC) Received: from mdt-xp.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.14.3/8.14.3) with ESMTP id n95EmVcd025214; Mon, 5 Oct 2009 10:48:31 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <200910051448.n95EmVcd025214@lava.sentex.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Mon, 05 Oct 2009 10:48:37 -0400 To: Andre Albsmeier , "Bjoern A. Zeeb" From: Mike Tancsa In-Reply-To: <20091004164756.GA6021@curry.mchp.siemens.de> References: <20091003184220.GA2620@curry.mchp.siemens.de> <20091003212308.GA3122@curry.mchp.siemens.de> <20091003215821.V26486@maildrop.int.zabbadoz.net> <20091004164756.GA6021@curry.mchp.siemens.de> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Cc: jhell , stable@freebsd.org, Andre Albsmeier Subject: Re: security.bsd.map_at_zero=0 problem with samba33 (including solution) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 14:48:39 -0000 At 12:47 PM 10/4/2009, Andre Albsmeier wrote: >On Sat, 03-Oct-2009 at 22:27:39 +0000, Bjoern A. Zeeb wrote: > > On Sat, 3 Oct 2009, Andre Albsmeier wrote: > > > > Hi, > > > > > On Sat, 03-Oct-2009 at 16:27:32 -0400, jhell wrote: > > >> On Sat, 3 Oct 2009 14:42 -0000, Andre.Albsmeier wrote: > > >> > > >>> FYI, > > >>> > > >>> after setting security.bsd.map_at_zero to 0 on 7.2-STABLE all > > >>> samba33 programmes did abort() immediately after start. The > > >>> solution was to use > > >>> > > >>> CONFIGURE_ARGS+= --disable-pie > > >>> > > >>> -Andre > > >>> > > >> > > >> To add an additional note samba33 even when not running (not > enabled by a rcvar) > > >> also runs a tdbcleanup routine on shutdown and/or start that also does > > >> abort(). > > > > > > Yes, every samba programme is linked with -pie per default (so > > > all abort()). > > > > > > Thanks for reporting the issue. People are aware of the problem now > > and we'll try to present a solution within the next days for better > > position-independent executable (PIE) handling. > > > > Meanwhile there are multiple solutions for people affected: > > > > (1) recompile the port; but as more than just samba might be affected > > and we generally do not want to flip the pie switch everywhere that's > > probably only a temporary, private solution. > >I'll stick to this since I am happy about having the map_at_zero >option and want to continue to try it out on 7.2-STABLE. And I >see now reason why samba has to be linked with -pie (without -pie >it is also 4% smaller). Hi, What are the impacts (if any) of compiling all the ports with PIE disabled that are effected by setting security.bsd.map_at_zero=0 ? ---Mike -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike