I just downloaded Codeweavers Crossover Office 2.1 and installed it on FC Test3. It seemed to work fine at first, but after a couple of days (and many updates from rawhide) it now produces an error when I try to run a windows app. IE 6 will not run after the error, but other apps do.
"Your system appears to contain a security patch that will cause trouble when running some programs in CrossOver. To fix the problem, please consult the online FAQ at ...."
When I consult the FAQ, it says:
============================== 6.1.2.1.6. Will CrossOver work with my security patches? (grsec, libsafe, etc.)
Sometimes. Many security patches disallow loading executables at certain locations in the memory map. Some Windows executables are stripped of their relocation records, thus must be loaded at a specific address in the memory map.
For this reason, you may experience trouble running certain programs in CrossOver with security patches enabled. If you are using grsec, please contact us as we may be able to help you. If you are using the "not executable stack patch" for Linux, you may disable it for CrossOver by running the following command:
$ /usr/sbin/chstk -e ~/cxoffice/bin/wineloader ==============================
I do not have a program called /usr/sbin/chstk, and suspect this is not the solution anyway.
Has anyone else experienced this or had success with CrossOver Office 2.1 on Fedora?
Thanks.
Gerry
On Oct 30, 2003 at 19:50, Gerry Tool in a soothing rage wrote: [...]
$ /usr/sbin/chstk -e ~/cxoffice/bin/wineloader
I do not have a program called /usr/sbin/chstk, and suspect this is not the solution anyway.
The kernel-utils-2.4-8.31 rpm provided this. I note it is not in the kernel-utils-2.4-9.1.101.fedora rpm does not provide it. You may have to downgrade.
HTH.
N.Emile...
You'd better read the RELEASE-NOTES file to learn how to disable exec-shield. Just a quote :
o The Fedora Core 1 kernel includes new Exec-shield functionality. Exec-shield is a security-enhancing modification to the Linux kernel that makes large parts of specially-marked programs -- including their stack -- not executable. This can reduce the potential damage of some security holes. Exec-shield is related to the older "non-exec stack patch" but has the potential to provide greater protection.
D
Le ven 31/10/2003 à 03:34, ne... a écrit :
On Oct 30, 2003 at 19:50, Gerry Tool in a soothing rage wrote:
$ /usr/sbin/chstk -e ~/cxoffice/bin/wineloader
I do not have a program called /usr/sbin/chstk, and suspect this is not the solution anyway.
The kernel-utils-2.4-8.31 rpm provided this. I note it is not in the kernel-utils-2.4-9.1.101.fedora rpm does not provide it. You may have to downgrade. N.Emile...
On Thu, 2003-10-30 at 20:42, Dams wrote:
You'd better read the RELEASE-NOTES file to learn how to disable exec-shield. Just a quote :
o The Fedora Core 1 kernel includes new Exec-shield functionality. Exec-shield is a security-enhancing modification to the Linux kernel that makes large parts of specially-marked programs -- including their stack -- not executable. This can reduce the potential damage of some security holes. Exec-shield is related to the older "non-exec stack patch" but has the potential to provide greater protection.
D
Thanks for your reply.
I read the RELEASE-NOTES and disabled Exec-shield for all binaries. Same results as before. I discovered now that IE6 does work after the error dialog is closed, regardless of the setting of the Exec-shield value, so it is more of an aggravation than a show stopper. I did submit a ticket to the Codeweavers problem site.
Gerry
On Thu, 2003-10-30 at 20:34, ne... wrote:
On Oct 30, 2003 at 19:50, Gerry Tool in a soothing rage wrote: [...]
$ /usr/sbin/chstk -e ~/cxoffice/bin/wineloader
I do not have a program called /usr/sbin/chstk, and suspect this is not the solution anyway.
The kernel-utils-2.4-8.31 rpm provided this. I note it is not in the kernel-utils-2.4-9.1.101.fedora rpm does not provide it. You may have to downgrade.
Thanks for your reply. I did as you suggested and then executed the command
[root@gstpc severn]# /usr/sbin/chstk -e /opt/cxoffice/bin/wineloader
Now, the error dialog still appears, but none of the windows apps execute after the error dialog is dismissed. Bummer, a step backwards.
I guess I'll upgrade back to the newer kernel-utils, reboot and see how it behaves.
Gerry
On Thu, 2003-10-30 at 21:31, Gerry Tool wrote:
On Thu, 2003-10-30 at 20:34, ne... wrote:
On Oct 30, 2003 at 19:50, Gerry Tool in a soothing rage wrote: [...]
$ /usr/sbin/chstk -e ~/cxoffice/bin/wineloader
I do not have a program called /usr/sbin/chstk, and suspect this is not the solution anyway.
The kernel-utils-2.4-8.31 rpm provided this. I note it is not in the kernel-utils-2.4-9.1.101.fedora rpm does not provide it. You may have to downgrade.
Thanks for your reply. I did as you suggested and then executed the command
[root@gstpc severn]# /usr/sbin/chstk -e /opt/cxoffice/bin/wineloader
Now, the error dialog still appears, but none of the windows apps execute after the error dialog is dismissed. Bummer, a step backwards.
I guess I'll upgrade back to the newer kernel-utils, reboot and see how it behaves.
After upgrade of kernel-utils to kernel-utils-2.4-9.1.101 and reboot, the windows apps again show the error dialog, but then run. At this point it is more of an aggravation than a serious problem, so I'll see what results I get from my report to the Codeweavers problem site.
Gerry
On Thu, Oct 30, 2003 at 09:31:07PM -0600, Gerry Tool wrote:
On Thu, 2003-10-30 at 20:34, ne... wrote:
On Oct 30, 2003 at 19:50, Gerry Tool in a soothing rage wrote: [...]
$ /usr/sbin/chstk -e ~/cxoffice/bin/wineloader
I do not have a program called /usr/sbin/chstk, and suspect this is not the solution anyway.
The kernel-utils-2.4-8.31 rpm provided this. I note it is not in the kernel-utils-2.4-9.1.101.fedora rpm does not provide it. You may have to downgrade.
Thanks for your reply. I did as you suggested and then executed the command
[root@gstpc severn]# /usr/sbin/chstk -e /opt/cxoffice/bin/wineloader
FYI, for Fedora Core 1, there is no chstk utility any more, but execstack(8) (included in prelink package), as the marking is very different from what it used to be (it is now in PT_GNU_STACK program header entry's p_flags). But note that there are 2 major separate things the execshield patch does: a) making stack non-executable for apps (and all their libraries) which don't need it b) mmap randomization (mmap (NULL, ...) returns without MAP_FIXED are randomized, if non-executable stack then PROT_EXEC mappings are assigned preferrably from ASCII shield area or the rest of address space below executable)
Depends what cxoffice has problems with. As it hasn't been likely compiled on FC1 (or RHEL3), it should not have PT_GNU_STACK segment and thus default to executable stack. So most probably this is about randomization, which can be ATM turned off with running the program with setarch -3 program arguments
Jakub
On Fri, 2003-10-31 at 01:56, Jakub Jelinek wrote:
FYI, for Fedora Core 1, there is no chstk utility any more, but execstack(8) (included in prelink package), as the marking is very different from what it used to be (it is now in PT_GNU_STACK program header entry's p_flags). But note that there are 2 major separate things the execshield patch does: a) making stack non-executable for apps (and all their libraries) which don't need it b) mmap randomization (mmap (NULL, ...) returns without MAP_FIXED are randomized, if non-executable stack then PROT_EXEC mappings are assigned preferrably from ASCII shield area or the rest of address space below executable)
I set each of the values in /proc/sys/exec-shield and /proc/sys/exec-shield-randomize to 0 and the error message still occurs.
Depends what cxoffice has problems with. As it hasn't been likely compiled on FC1 (or RHEL3), it should not have PT_GNU_STACK segment and thus default to executable stack. So most probably this is about randomization, which can be ATM turned off with running the program with setarch -3 program arguments
When I use setarch -3 <binary>, setarch replies
Don't know how to set arch to -3
When I use setarch i386 <binary> the program runs but still produces the error dialog.
I may be misunderstanding your suggestion.
Thanks.
Gerry
On Thursday 30 October 2003 08:50 pm, Gerry Tool wrote:
I just downloaded Codeweavers Crossover Office 2.1 and installed it on FC Test3. It seemed to work fine at first, but after a couple of days (and many updates from rawhide) it now produces an error when I try to run a windows app. IE 6 will not run after the error, but other apps do.
Has anyone else experienced this or had success with CrossOver Office 2.1 on Fedora?
I'm running cxoffice 2.1.0 on fedora. I haven't found the problem you have; however, I've also not gotten an update from up2date since middle of last week (when fedora-release went to 1). My cxoffice install is an upgrade of an upgrade of an upgrade of an upgrade (I started out with cxoffice 1.0, and I have updated through several betas, 1.2, 1.3, 2.0, etc). The move to RHL9 broke cxoffice for a little while; I waited to update until cxoffice worked again. But it hasn't broken yet for me with FC tests. But I installed test 2 and have just up2dated from that point. I _will_ be doing a scratch fedora install after getting official ISO's, and then will be reinstalling cxoffice from scratch as well. We'll see at that point. But right now it's working without an error dialog.
On Sat, 2003-11-01 at 17:24, Lamar Owen wrote:
I'm running cxoffice 2.1.0 on fedora. I haven't found the problem you have; however, I've also not gotten an update from up2date since middle of last week (when fedora-release went to 1).
That may be why you don't get the error messages. That's about the time my updates seemed to cause the error to appear. Jeremy White of Codeweavers suggested that I report back when I install the new release and xoveroffice if the error message still appears since they want to spend their effort on the real release. They had tested against test2 successfully.
In the meantime, he suggested I could disable the security patch check in the wine perl script which I did. All works fine and I don't get the error message now.
Gerry
I had the problem that Photoshop would hang during an install. Coping the cxoffice, .cxoffice and .loki directories from a working system resulted in the message from cxmaptest that low 16Mb area is not free (got 0x4001c000). I was running with exec-shield supposedly disabled.
The solution I found was to disable the cron job that runs prelink and run prelink with -au. Now Photoshop runs cleanly and all I have to do is find out how to keep the first 16M out of prelinks hands.
On Fri, 31 Oct 2003, Jakub Jelinek wrote:
On Thu, Oct 30, 2003 at 09:31:07PM -0600, Gerry Tool wrote:
On Thu, 2003-10-30 at 20:34, ne... wrote:
On Oct 30, 2003 at 19:50, Gerry Tool in a soothing rage wrote: [...]
$ /usr/sbin/chstk -e ~/cxoffice/bin/wineloader
I do not have a program called /usr/sbin/chstk, and suspect this is not the solution anyway.
The kernel-utils-2.4-8.31 rpm provided this. I note it is not in the kernel-utils-2.4-9.1.101.fedora rpm does not provide it. You may have to downgrade.
Thanks for your reply. I did as you suggested and then executed the command
[root@gstpc severn]# /usr/sbin/chstk -e /opt/cxoffice/bin/wineloader
FYI, for Fedora Core 1, there is no chstk utility any more, but execstack(8) (included in prelink package), as the marking is very different from what it used to be (it is now in PT_GNU_STACK program header entry's p_flags). But note that there are 2 major separate things the execshield patch does: a) making stack non-executable for apps (and all their libraries) which don't need it b) mmap randomization (mmap (NULL, ...) returns without MAP_FIXED are randomized, if non-executable stack then PROT_EXEC mappings are assigned preferrably from ASCII shield area or the rest of address space below executable)
Depends what cxoffice has problems with. As it hasn't been likely compiled on FC1 (or RHEL3), it should not have PT_GNU_STACK segment and thus default to executable stack. So most probably this is about randomization, which can be ATM turned off with running the program with setarch -3 program arguments
Jakub
-- fedora-list mailing list fedora-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-list
On Mon, Nov 03, 2003 at 10:37:40AM -0500, Dave Tetreault wrote:
I had the problem that Photoshop would hang during an install. Coping the cxoffice, .cxoffice and .loki directories from a working system resulted in the message from cxmaptest that low 16Mb area is not free (got 0x4001c000). I was running with exec-shield supposedly disabled.
The solution I found was to disable the cron job that runs prelink and run prelink with -au. Now Photoshop runs cleanly and all I have to do is find out how to keep the first 16M out of prelinks hands.
Edit /etc/sysconfig/prelink and change: PRELINK_OPTS=-mR to PRELINK_OPTS="-mR --no-exec-shield"
Jakub