archive-gh-me/docker-gitlab
1
0
Fork 0
mirror of https://github.com/sameersbn/docker-gitlab.git synced 2026-01-18 13:58:25 +00:00
Code Issues Projects Releases Wiki Activity

Allow running on PaX kernels

Browse Source 
`ruby` needs the PaX MPROTECT flag disabled to run on PaX-enabled systems because of JIT. Mark it as such.
This commit is contained in:
Wang Xuerui 2017-12-30 17:24:11 +08:00 committed by Wang Xuerui
parent 5201f76730
commit 29fc2f5a1f
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
assets/build/install.sh
View File

@ -42,6 +42,11 @@ cd -
rm -rf /tmp/re2
DEBIAN_FRONTEND=noninteractive apt-get purge -y --auto-remove checkinstall
# PaX-mark ruby
# Applying the mark late here does make the build usable on PaX kernels, but
# still the build itself must be executed on a non-PaX kernel. It's done here
# only for simplicity.
paxctl -Cm `which ruby${RUBY_VERSION}`
# https://en.wikibooks.org/wiki/Grsecurity/Application-specific_Settings#Node.js
paxctl -Cm `which nodejs`