Hello,

I also regularly fix this problem (bugs 609602, 503173) by setting the required
PAX flags on the respective grub binaries from grub-common and grub-pc with
paxctl:

    paxctl -cpsm /usr/sbin/grub-setup
    paxctl -cpsm /usr/sbin/grub-mkdevicemap
    paxctl -cpsm /usr/sbin/grub-probe

It would be helpful if this could be the default in grub-pc and grub-common so
these settings don't get lost on every update of these packages.

An additional benefit of including this for the packaged binaries would be
that debsums does not report errors for these binaries anymore (paxctl changes
the program header and thus the checksum) as on a grsec-secured system I
prefer to have the "correct" default debsums on all binaries.

Regards,

-- 
Christoph Scheurer                                  GnuPG key Id: 0x6128C6B6

contact:   http://www.theo.ch.tum.de/homepages/scheurer/
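
Added example (not part of the original message, and not paxctl's own code): a Python check that can be run after a package update to see whether a binary still carries the `-psm` markings, by reading the PT_PAX_FLAGS program header that `paxctl -c` creates. The function names and the sample ELF bytes are constructed for illustration; the header type and flag bit positions are assumed to match the PaX patch definitions.

```python
import hashlib
import struct

PT_GNU_STACK = 0x6474E551
PT_PAX_FLAGS = 0x65041580  # PT_LOOS + 0x5041580 (PaX patch definition)
# Bit position in p_flags -> paxctl flag letter
# (upper case = feature enabled, lower case = feature disabled).
PAX_BITS = {4: "P", 5: "p", 6: "S", 7: "s", 8: "M", 9: "m",
            10: "X", 11: "x", 12: "E", 13: "e", 14: "R", 15: "r"}

def sample_elf(p_type, p_flags):
    """Constructed 64-bit little-endian ELF with one program header."""
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9)
    ehdr += struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    return ehdr + struct.pack("<IIQQQQQQ", p_type, p_flags, 0, 0, 0, 0, 0, 0)

def pax_flags(elf: bytes):
    """Return the set of PaX flag letters, or None without PT_PAX_FLAGS."""
    if elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64, end = elf[4] == 2, "<" if elf[5] == 1 else ">"
    if is64:
        e_phoff, = struct.unpack_from(end + "Q", elf, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", elf, 0x36)
    else:
        e_phoff, = struct.unpack_from(end + "I", elf, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", elf, 0x2A)
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type, = struct.unpack_from(end + "I", elf, off)
        # p_flags follows p_type in ELF64; it sits at offset 24 in ELF32.
        p_flags, = struct.unpack_from(end + "I", elf, off + (4 if is64 else 24))
        if p_type == PT_PAX_FLAGS:
            return {c for bit, c in PAX_BITS.items() if p_flags & (1 << bit)}
    return None

def missing_flags(elf: bytes, required="psm"):
    """Flags from `required` that the binary does not carry."""
    found = pax_flags(elf)
    return set(required) if found is None else set(required) - found

if __name__ == "__main__":
    stock = sample_elf(PT_GNU_STACK, 6)               # as shipped by the package
    marked = sample_elf(PT_PAX_FLAGS, 1 << 5 | 1 << 7 | 1 << 9)  # after -cpsm
    print("stock missing:", sorted(missing_flags(stock)))
    print("marked missing:", sorted(missing_flags(marked)))
    print(hashlib.md5(stock).hexdigest(), hashlib.md5(marked).hexdigest())
```

To check a real file, pass its contents, for example `missing_flags(open("/usr/sbin/grub-probe", "rb").read())`; the two MD5 values printed for the constructed samples differ, which is the debsums mismatch described in the message.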


