← previous next →
Pages: [1]

Author Topic: Quick And Dirty Guide To Getting Gringotts Working  (Read 3304 times)

iamasmith

  • Hero Member
  • *****
  • Posts: 1248
    • View Profile
Quick And Dirty Guide To Getting Gringotts Working
« on: February 01, 2006, 08:28:32 am »
If you have ever come across the application Gringotts you either love it or hate it... personally I like the thing and think it's a great little password store etc. Just the sort of thing that you want to run on a Zaurus and it is farily popular in the pdaXrom feed.

 [ Invalid Attachment ]

Here is what you need to do to get it to work on a Zaurus running OpenBSD with the current revisions of GTK etc.

Firstly build a few dependency packages and install them from the ports tree... namely...

x11/gtk+2
devel/popt
security/mhash
security/mcrypt
archivers/bzip2

next download and extract the source for libgringotts-1.2.1 and gringotts-1.2.8 from the main site..

http://devel.pluto.linux.it/projects/Gringotts

(I use a build root called /usr/local/nonports for stuff that isn't in the ports tree)

Before configuring either application use the following commands since neither configure/make on either package seems to check /usr/local/include or lib

export CFLAGS=-I/usr/local/include
export CPPFLAGS=-I/usr/local/include
export LDFLAGS=-L/usr/local/lib

Now enter the libgringotts directory and run..

./configure
gmake install

This should be enough to successfully install the supporting library

Now download this patch...

http://freshmeat.net/projects/gringotts-shlomif

and apply it whilst inside the gringotts directory with...

patch -p0 < gringotts-shlomif-patch-rev3.diff

This is necessary since the version of GTK that OpenBSD has no longer exports references that the original gringotts needed to link..

Configure and build with...

./configure --disable-env-check
gmake install
chmod -s `which gringotts`

If you don't disable the env check gringotts will segfault with a duff string that it passes to a putenv system call... I traced it that far but didn't feel it was significant enough to fix for my own use.. you may want to research further.

If you leave the root suid bit enabled gringotts will attempt to disable paging of its own code, this doesn't work correctly on OpenBSD and gringotts gives up.. if you are concerned about this leave your swapfile encryption enabled on OpenBSD

Note, you can now run gringotts as a regular user, attempting to run from root with fail with the SUID error since it believes it has the rights to disable paging of itself.

- Andy
« Last Edit: February 01, 2006, 08:42:26 am by iamasmith »
Logged
OpenBSD 4.2 -current on full 4Gb of SL-C3000
Microdrive replaced with 4Gb SanDisk Extreme III card

iamasmith

  • Hero Member
  • *****
  • Posts: 1248
    • View Profile
Quick And Dirty Guide To Getting Gringotts Working
« Reply #1 on: February 01, 2006, 01:18:33 pm »
A quick update... *sigh* I have a lot of building to do before I can validate it though.

The chmod -s of the binary *may* not be needed. I tested the syscalls to lock current process pages in memory and they work on OpenBSD, however, at the time I tried it with Gringotts (and this is still the case) I was compiling kdelibs (it's been building qt3 since yesterday ), so I was quite low on RAM. - The syscall will fail if there isn't enough RAM to support locking the process in memory and I suspect this is what is happening.

So by all means try with root suid, but given the limited amount of RAM you may soon find that you have to take the flag off for practical reasons anyway.

- Andy
Logged
OpenBSD 4.2 -current on full 4Gb of SL-C3000
Microdrive replaced with 4Gb SanDisk Extreme III card
Pages: [1]
← previous next →