[RESOLVED] landlock is not supported
Posted: Oct 13, 24, 21:01 locke496
 Status: New User - Welcome
Joined: 13 Oct 2024
Posts: 3
Reply Quote
Hi all,
I installed linux-lqx 6.11.3.lqx1-1 in arch linux and when running yay I get

error: restricting filesystem access failed because landlock is not supported by the kernel!

zcat /proc/config.gz | grep -i landlock

shows

CONFIG_SECURITY_LANDLOCK=y

But CONFIG_LSM shows only "lockdown,yama,bpf"
[/code]
Back to top
Posted: Oct 14, 24, 6:54 damentz
 Status: Assistant
Joined: 09 Sep 2008
Posts: 1135
Reply Quote
Can you test by adding lsm=landlock,lockdown,yama,bpf to your kernel boot parameters?

From documentation:
:: Code ::
        lsm=lsm1,...,lsmN
                        [SECURITY] Choose order of LSM initialization. This
                        overrides CONFIG_LSM, and the "security=" parameter.


FYI, I've tried turning landlock on by default but it breaks Debian/Ubuntu startup, if this works we will add it exclusively to the AUR package.
Back to top
Posted: Oct 14, 24, 9:36 locke496
 Status: New User - Welcome
Joined: 13 Oct 2024
Posts: 3
Reply Quote
I added
lsm=landlock,lockdown,yama,bpf

to the kernel cmdline and now yay isnt' complaining any longer. So, it seems that helped.[/b]
Back to top
Posted: Oct 14, 24, 9:51 damentz
 Status: Assistant
Joined: 09 Sep 2008
Posts: 1135
Reply Quote
Thanks for confirming, once I get a moment I'll update the Arch package.
Back to top
Posted: Oct 14, 24, 12:00 damentz
 Status: Assistant
Joined: 09 Sep 2008
Posts: 1135
Reply Quote
AUR package updated, new binary is out if you're using that instead of building. Let me know how it goes.
Back to top
Posted: Oct 15, 24, 5:30 locke496
 Status: New User - Welcome
Joined: 13 Oct 2024
Posts: 3
Reply Quote
Have installed linux-lqx 6.11.3.lqx1-4 and things are looking good. No complaints from yay.

Perhaps it has to do with the fact that I installed linux-lqx from chaotic-aur because during installation I see those messages

/e8b6306f8d59402db4ed5302c978235a-6.11.3-lqx1-1-lqx.conf: line 3: title: command not found
/e8b6306f8d59402db4ed5302c978235a-6.11.3-lqx1-1-lqx.conf: line 4: version: command not found
/e8b6306f8d59402db4ed5302c978235a-6.11.3-lqx1-1-lqx.conf: line 5: machine-id: command not found
/e8b6306f8d59402db4ed5302c978235a-6.11.3-lqx1-1-lqx.conf: line 6: sort-key: command not found
/e8b6306f8d59402db4ed5302c978235a-6.11.3-lqx1-1-lqx.conf: line 7: options: command not found
/e8b6306f8d59402db4ed5302c978235a-6.11.3-lqx1-1-lqx.conf: line 8: linux: command not found
/e8b6306f8d59402db4ed5302c978235a-6.11.3-lqx1-1-lqx.conf: line 9: initrd: command not found
Back to top
Posted: Oct 15, 24, 5:47 damentz
 Status: Assistant
Joined: 09 Sep 2008
Posts: 1135
Reply Quote
That's a new one for me, it looks like something is causing your shell to execute a conf file. Probably something unique to yay or whatever chaotic is doing though. You should be good if you use the official binary repo listed in the AUR comments.

Either way, glad it's working, marking this as resolved.
Back to top
Display posts from previous:   

All times are GMT - 8 Hours
Contact Us
Hosting: Pair Networks: 0.031
Forum Style © techpatterns.com
info

tech forums