> GRUB uses nested functions and so requires an executable stack. Sorry.
Okay, then the best is to have PAX_EMUTRAMP support in the kernel and use paxctl -cE on the concerned binaries. I wrote a patch that does that when building the package; maybe it's needed for the other binaries that I haven't tested, and it should probably be linux-only, but that's the idea. diff -urNp grub2-1.99~rc1.orig/debian/control grub2-1.99~rc1/debian/control --- grub2-1.99~rc1.orig/debian/control 2011-02-24 01:04:07.000000000 +0100 +++ grub2-1.99~rc1/debian/control 2011-02-24 01:04:42.000000000 +0100 @@ -31,6 +31,7 @@ Build-Depends: debhelper (>= 7.0.50~), qemu-system [i386 kfreebsd-i386 kopensolaris-i386 any-amd64], qemu-utils [!hurd-any], parted [!hurd-any], + paxctl, Build-Conflicts: autoconf2.13 Standards-Version: 3.8.4 Homepage: http://www.gnu.org/software/grub/ diff -urNp grub2-1.99~rc1.orig/debian/rules grub2-1.99~rc1/debian/rules --- grub2-1.99~rc1.orig/debian/rules 2011-02-24 01:04:07.000000000 +0100 +++ grub2-1.99~rc1/debian/rules 2011-02-24 01:04:42.000000000 +0100 @@ -90,10 +90,12 @@ build/stamps/configure-grub-common: $(AU build/stamps/build-grub-common build/stamps/build-grub-efi-ia32 build/stamps/build-grub-efi-amd64 build/stamps/build-grub-ieee1275 build/stamps/build-grub-coreboot build/stamps/build-grub-emu build/stamps/build-grub-yeeloong: build/stamps/build-%: build/stamps/configure-% dh_auto_build + paxctl -cE build/$*/grub-{mkdevicemap,probe,script-check} touch $@ build/stamps/build-grub-pc: build/stamps/configure-grub-pc dh_auto_build + paxctl -cE build/grub-pc/grub-{mkdevicemap,probe,script-check,setup} ifeq ($(with_check), yes) dh_auto_test endif Regards, -- Pierre Ynard "Une âme dans un corps, c'est comme un dessin sur une feuille de papier." -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
