On Thu, Jan 28, 2016 at 2:22 AM, Frank Mehnert <frank.mehn...@oracle.com> wrote: > Austin, > > On Wednesday 27 January 2016 23:28:55 Austin English wrote: >> On Wed, Jan 27, 2016 at 1:56 AM, Frank Mehnert <frank.mehn...@oracle.com> > wrote: >> > On Wednesday 27 January 2016 00:13:18 Austin English wrote: >> >> Well, Virtualbox hadn't compiled, I was hitting >> >> https://www.virtualbox.org/ticket/1499. >> >> >> >> Using a 32-bit kernel instead, I was able to get VirtualBox 4.3.32 to >> >> build. The results: >> >> >> >> # hardened, no sudo >> >> amnesia@amnesia:/media/amnesia/e3f702b9-64b4-40c2-96c3-ef6cf856e129/Virtu >> >> alB ox-4.3.32/out/linux.x86/release/bin$ ./VirtualBox >> >> VirtualBox: Error -10 in SUPR3HardenedMain! >> >> VirtualBox: Effective UID is not root (euid=1000 egid=1000 uid=1000 >> >> gid=1000) >> >> >> >> VirtualBox: Tip! It may help to reinstall VirtualBox. >> > >> > that will not work of course. Running a hardened build from the bin >> > directory is not supported. A hardened build will only run if it's >> > installed to /opt/VirtualBox and the stubs (VirtualBox, VBoxHeadless, >> > VBoxSDL, VBoxNetDHCP, VBoxNetNAT) are installed as suid root. >> >> Thanks for the tip. Is that documented somewhere? >> https://www.virtualbox.org/wiki/Linux%20build%20instructions indicates >> that a hardened build can from from the build dir if some symlinks are >> made (which they were already for me by the build), and some files are >> chmod'ed/chown'ed. There's no mention of installing to /opt. > > the documentation on that page is outdated. I did some fixes mentioning > that running a hardened build from the bin/ directory will not work.
Thanks! Note you added a typo: Running a hardened build from tue bin/ directory will not work because all hardened binaries do explicit link against libraries from /opt/VirtualBox (fixed path). tue > the > The most up-to-date documentation you can find is the source code. Sure. I've got a few more corrections for that page (for the debian packages section), should I file a bug somewhere or send a mail to vbox-dev? _______________________________________________ vbox-dev mailing list vbox-dev@virtualbox.org https://www.virtualbox.org/mailman/listinfo/vbox-dev