28th May 2016
|
|
More noise than signal
|
|
Join Date: May 2008
Location: USA
Posts: 7,984
|
|
Operational change required for OpenBSD -current users
The Following -current FAQ has a new entry:
Quote:
2016/05/27 - fstab needs wxallowed flag on /usr/local
W^X violating programs are no longer allowed by default, but will have to opt-in via some mechanisms which allow the violation. These mechanisms are being introduced into the system one by one, in cooperation with the ports development team. The first mechanism is that filesystems containing violating programs must be mounted using the wxallowed option, for instance:01020304050607.h /usr/local ffs rw,nodev,nosuid,wxallowed 1 2 The base system has no W^X violating programs, but the ports tree contains a quite a few: chromium, mono, node, gnome, libreoffice, jdk, zeal, etc. Progress in this area will be defined by repairing libraries and programs so that they don't request PROT_WRITE | PROT_EXEC memory. The library libffi (Used by python for instance) was the first to be fixed. It is expected that most users will use the wxallowed option on /usr/local, but developers who wish to assist in the effort of repairing upstream software can keep it disabled and also use the kern.wxabort option (see sysctl(8)) which helps with debugging. The upgrade process cannot automatically modify fstab to add this flag to /usr/local; therefore it must be added by hand. Some ports also perform W^X violations during build-time, so the same option may be desireable on /usr/pobj or other directories.
|
OpenBSD -current users should always check this FAQ before updating their systems.
|