You are not logged in.
I'm having the darndest time chasing this issue down, and the information I have isn't THAT helpful, yet.
I tried posting on the grsec forums, and spender rightly rejected the post.
ANYWAY
I build my own grsec hardened kernel with some balance between security and performance/functionality.
My config and pkgbuild are here: https://github.com/osteichthyes/linux-grsec
The config differs from nning, the pkgbuild only differs because I dealt with an issue of a 4.x.0 patcset differently.
ANYWAY
Round about the push of 4.8.12 or so around September or October of last year, my builds stopped booting. This happened to me in 4.5.x somewhere, too. So, I figured I'd wait it out. Anyway, it gets to the point of starting X and starting gdm, and the screen tears repeatedly. I tried a bunch of different options in the build, and tried a number of paxctl (or paxctld or paxd) flags, and some got a little further, some killed X sooner. I got similarly nowhere with adding them to gdm and wayland's files.
It occurred to me that the time frame also meshes with the big changes to gdm (move to wayland, etc). The issue may pertain to GDM instead of the kernel.
Is anyone else running a grsec kernel and gdm? Are you getting to the login prompt?
Did you have any issues of late?
Thanks!
Offline
After testing, LightDM loads, but does not start gnome in the grsec kernel. I'm thinking I should close this and instead post in the applications forum, as this is probably a bug in gdm, not the kernel.
I have also since put pax into softmode, which seems to fix nothing. I may try to rebuild the kernel without grsecurity or pax and see if there isn't a driver or something missing (I really don't think it's that).
If that works, I'll build a kernel with grsecurity but not pax and see how that goes.
Last edited by osteichthyes (2017-02-15 08:37:47)
Offline
After some digging, a few rebuilds, and finally getting some logs. It looks like it mounts a per-user tmpfs for root under systemd-logind, chdirs into it, then immediately unmounts it, getting stuck in some sort of logind loop. I think it's similar to or related to this:
Offline