[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Axiom-developer] 20080527.01.tpd.patch (Fedora 9 updates)

From: daly
Subject: [Axiom-developer] 20080527.01.tpd.patch (Fedora 9 updates)
Date: Tue, 27 May 2008 18:03:23 -0500

Changes to build Axiom on the Fedora 9 platform.

diff --git a/Makefile.pamphlet b/Makefile.pamphlet
index 95dbce8..ba4541c 100644
--- a/Makefile.pamphlet
+++ b/Makefile.pamphlet
@@ -1884,6 +1884,81 @@ all: rootdirs noweb srcsetup lspdir srcdir
+On Fedora Core 9 we cannot use the line
+  ${XLIB}/libXpm.a
+to link to the Xpm libraries. Instead We need to use
+  -l Xpm
+These are added onto the end of the LDF variable.
+Annoyingly enough it seems that GCL uses a default extension of .lsp
+rather than .lisp so we add the [[LISP]] variable here. We need to
+depend on the default extension behavior because the system build
+will load either the interpreted or compiled form of a file depending
+on which is available. This varies at different stages of the build.
+It turns out that the standard GCL OPTS does not compile with the
+GCL 2.6.8pre version. We changed it from 
+to read
+GCL-2.6.8pre2 will not build successfully on fedora core 9
+so we need to downgrade the GCLVERSION.
+# System dependent Makefile for the Intel/Linux platform
+# Platform variable
+# C compiler flags
+CCF="-O2 -fno-strength-reduce -Wall -D_GNU_SOURCE -D${PLF} -I/usr/X11/include"
+# Loader flags
+LDF=" -L/usr/X11R6/lib -l Xpm "
+# C compiler to use
+# where the libXpm.a library lives
+all: rootdirs noweb srcsetup lspdir srcdir
+       @echo 45 Makefile.linux called
+       @echo 46 Environment : ${ENV} 
+       @echo 47 finished system build on `date` | tee >lastBuildDate
+<<literate commands>>
 Annoyingly enough it seems that GCL uses a default extension of .lsp
 rather than .lisp so we add the [[LISP]] variable here. We need to
diff --git a/changelog b/changelog
index d4404a9..360115d 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,5 @@
+20080527 tpd Makefile add fedora9 stanza
+20080527 tpd faq 47: Axiom won't build on Fedora 9 (SELinux)
 20080526 tpd Makefile add fedora8-64 stanza
 20080526 tpd Makefile VERSION="Axiom (May 2008)"
 20080524 tpd Makefile opensuse use GCLVERSION=gcl-2.6.8pre2
diff --git a/faq b/faq
index ac41077..d9ba9a3 100644
--- a/faq
+++ b/faq
@@ -45,6 +45,7 @@ FAQ 43: Is Axiom's License compatible with the GPL?
 FAQ 44: I don't have the math fonts
 FAQ 45: Axiom copyright information
 FAQ 46: Axiom trademark information
+FAQ 47: Axiom won't build on Fedora 9 (SELinux)
 FAQ 0: How do I use Axiom?
@@ -669,8 +670,7 @@ FILES= ${OUT}/algaggr.input  ${OUT}/algbrbf.input    
${OUT}/algfacob.input \
 6) Did axiom 'make' to compile the revised floats domain and
    (hopefully) run the negfloats.input test file.
-   ./configure
-   (set AXIOM and PATH manually ... yuck :)
+   (set AXIOM and PATH manually ...)
@@ -1655,3 +1655,81 @@ Axiom websites at
+FAQ 47: Axiom won't build on Fedora 9 (SELinux)
+You need to turn off dynamic library load point randomization.
+As root do:
+echo 0 >/proc/sys/kernel/randomize_va_space
+or do
+setarch i386 -R make 
+Also, Fedora now appears to install SELinux without giving the
+user an option at system install time. The symptom seems to be:
+ invoking make in ~/axiom/src/boot
+ Permission Denied
+SELinux is preventing lisp from changing the access protection of
+memory on the heap
+The lisp application attempted to change the access protection of
+memory on the heap (e.g. allocated using malloc). This is a potential
+security problem. Applications should not be doing this. Applications
+are sometimes coded incorrectly and request this permission. The
+SELinux Memory Protections Tests web page explains how to remove this
+requirement. If lisp does not work and you need it to work, you can
+configure SELinux temporarily to allow this access until the
+application is fixed.
+If you want lisp to continue, you must turn on the allow_execheap boolean.
+setsebool -P allow_execheap=1
+Rant: Not "applications should not be doing this...applications are
+sometimes coded incorrectly"... but "security software should not be
+doing software is sometimes coded incorrectly".
+Claiming valid code is incorrect is a bug in SELinux. Programs change
+protection to allow efficiencies like copy-on-write, garbage collection
+optimizations, dynamically compiled functions executed out of the
+heap, dynamic stack boundary checking, etc.. This is common computer
+science knowledge. The hubris of the "explanation" is beyond remark.
+Another alternative is to use the commands:
+/sbin/sysctl -w kernel.randomize_va_space=0
+/sbin/sysctl -w kernel.exec-shield=0
+A third alternative is to edit /etc/sysctl.conf and add the lines:
+If the above fails then it is possible that you may have to take
+more drastic measures. This will disable the SELinux:
+/usr/sbin/setenforce 0
+although it may be possible to tweak the policy directly. 
+/etc/selinux/strict/src/policy/domains/user.te:bool allow_execmem false;
+/etc/selinux/strict/src/policy/domains/user.te:bool allow_execmem true;
+then do:
+cd /etc/selinux/strict/src/policy
+make load

reply via email to

[Prev in Thread] Current Thread [Next in Thread]