Arch Linux x86_64
No problems when booting with normal -ARCH kernel
No problems with full PaX settings on polkit-0.105
Setting paxctl -cPEmRXS /usr/lib/polkit-1/polkitd
Dose NOT solve the problem, Only fixes the RWX line
I really, really do not want to lessen security of polkit.
Errors like this...
grsec: denied RWX mmap of <anonymous mapping> by /usr/lib/polkit-1/polkitd[polkitd:1588] uid/euid:102/102 gid/egid:102/102, parent /usr/lib/systemd/systemd[systemd:1]
grsec: Segmentation fault occurred at 0000000000000010 in /usr/lib/polkit-1/polkitd[polkitd:1588]
grsec: bruteforce prevention initiated against uid 102, banning for 15 minutes
systemd: Failed to start Authorization Manager.
dbus-daemon: dbus: [system] Failed to activate service 'org.freedesktop.ConsoleKit': timed out
dbus: [system] Failed to activate service 'org.freedesktop.ConsoleKit': timed out
dbus-daemon: dbus: [system] Failed to activate service 'org.freedesktop.PolicyKit1': timed out
dbus: [system] Failed to activate service 'org.freedesktop.PolicyKit1': timed out
Awe, you know paxctl -cPEmRXS /usr/lib/polkit-1/polkitd dose seem to fix the polkit problems. Then the rest of my problems are caused by systemd and D-Bus.
However I stand by my clame that needing to disable MPROTECT on polkitd is a Bug.
Correction both MPROTECT & RANDMMAP off for polkitd
This is a problem. Policy Kit needs to have high security.
There is no support for pax in upstream polkit. Seems like an Arch problem to me, suggest to file it there.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct.