2008-12-07 8:48
No Comments
If you have a grsec-patched kernel and PaX is enabled, update-grub is failing, witch is a little bit annoying:
8:45 root@sloane ~# update-grub
Searching for GRUB installation directory ... found: /boot/grub
zsh: exit 137 update-grub
After a little more in-depth look, the problem comes from grub-probe not having the right PaX flags.
Default flags:
8:47 root@sloane ~# chpax -v /usr/sbin/grub-probe
----[ chpax 0.7 : Current flags for /usr/sbin/grub-probe (PeMRxS) ]----
* Paging based PAGE_EXEC : enabled (overridden)
* Trampolines : not emulated
* mprotect() : restricted
* mmap() base : randomized
* ET_EXEC base : not randomized
* Segmentation based PAGE_EXEC : enabled
We need paging and segmentation based PAGE_EXEC to be disabled: chpax -ps /usr/sbin/grub-probe.
It should now work:
8:51 root@sloane ~# grub-probe --device-map=/boot/grub/device.map -t device /
/dev/md0