grub: Disable hardening for grub-script-check binary.

This binary requires the following disabled PaX flags:
* PAGEEXEC
* MPROTECT
* RANDEXEC
* EMUTRAMP

If one of these flags in enabled the binary will crash during the execution of
"grub-mkconfig" and the grub configuration file cannot be updated.

diff --git a/grub/grub.nm b/grub/grub.nm
index 59893e2bcc3bcf27e1c2b26b316465395950caf5..b109a2ad191617712efbb4a33af2283a769a8a7b 100644 (file)
--- a/grub/grub.nm
+++ b/grub/grub.nm
@@ -5,7 +5,7 @@
 
 name       = grub
 version    = 2.00
 
 name       = grub
 version    = 2.00

-release    = 4
+release    = 5

 sup_arches = x86_64 i686
 
 groups     = System/Boot
 sup_arches = x86_64 i686
 
 groups     = System/Boot


@@ -97,6 +97,9 @@ build
                paxctl -mpes \
                        %{BUILDROOT}%{sbindir}/grub-bios-setup \
                        %{BUILDROOT}%{sbindir}/grub-probe
                paxctl -mpes \
                        %{BUILDROOT}%{sbindir}/grub-bios-setup \
                        %{BUILDROOT}%{sbindir}/grub-probe

+
+               paxctl -mpex \
+                       %{BUILDROOT}%{bindir}/grub-script-check

        end
 
        debuginfo_strict_build_id = false
        end
 
        debuginfo_strict_build_id = false