Various problems with grsec?
Posted: Sun Dec 19, 2004 7:28 pm
I'm running a server with a grsec enabled 2.4.25 kernel. It hasn't been rebooted for 296 days until now, and it's been working perfectly until just before the reboot. I'm not quite sure if this actually is a grsec problem or not, but the log is filled with these messages concerning spamassassin:
Dec 20 00:27:25 velocity kernel: grsec: From 213.218.116.165: attempted resource overstep by requesting 2050752 for RLIMIT_DATA against limit 2048000 by (spamd:15935) UID(99) EUID(99), parent (spamd:23082) UID(99) EUID(99)
Dec 20 00:27:43 velocity kernel: grsec: From 194.51.131.66: attempted resource overstep by requesting 2050752 for RLIMIT_DATA against limit 2048000 by (spamd:22302) UID(99) EUID(99), parent (spamd:23082) UID(99) EUID(99)
Dec 20 00:27:43 velocity kernel: grsec: From 194.51.131.66: attempted resource overstep by requesting 2050752 for RLIMIT_DATA against limit 2048000 by (spamd:22302) UID(99) EUID(99), parent (spamd:23082) UID(99) EUID(99)
Dec 20 00:27:45 velocity kernel: grsec: From 69.110.207.82: attempted resource overstep by requesting 2050752 for RLIMIT_DATA against limit 2048000 by (spamd:14894) UID(99) EUID(99), parent (spamd:23082) UID(99) EUID(99)
And there's other problems as well:
[root@velocity linux-2.4.25]# make menuconfig
rm -f include/asm
( cd include ; ln -sf asm-i386 asm)
make -C scripts/lxdialog all
make[1]: Entering directory `/usr/src/linux-2.4.25/scripts/lxdialog'
make[1]: Leaving directory `/usr/src/linux-2.4.25/scripts/lxdialog'
/bin/sh scripts/Menuconfig arch/i386/config.in
Using defaults found in .config
Preparing scripts: functions, parsing.....................................................scripts/Menuconfig: xmalloc: cannot allocate 9 bytes (0 bytes allocated)
make: *** [menuconfig] Error 2
[root@velocity linux-2.4.25]#
After a couple of hours with those messages qmail stopped working as well, and I booted the server hoping that would solve the problems. Qmail is up and running again, but I'm still getting the same messages trying to run make menuconfig and spamassassin, and Apache won't start:
[Mon Dec 20 00:32:01 2004] [warn] (24)Too many open files: unable to open a file descriptor above 15, you may need to increase the number of descriptors
fopen: Too many open files
Dec 20 00:33:13 velocity kernel: grsec: From 213.225.76.xxx: attempted resource overstep by requesting 50 for RLIMIT_NOFILE against limit 50 by (httpd:13952) UID(0) EUID(0), parent (apachectl:534) UID(0) EUID(0)
Dec 20 00:33:13 velocity last message repeated 4 times
Any suggestions?
Dec 20 00:27:25 velocity kernel: grsec: From 213.218.116.165: attempted resource overstep by requesting 2050752 for RLIMIT_DATA against limit 2048000 by (spamd:15935) UID(99) EUID(99), parent (spamd:23082) UID(99) EUID(99)
Dec 20 00:27:43 velocity kernel: grsec: From 194.51.131.66: attempted resource overstep by requesting 2050752 for RLIMIT_DATA against limit 2048000 by (spamd:22302) UID(99) EUID(99), parent (spamd:23082) UID(99) EUID(99)
Dec 20 00:27:43 velocity kernel: grsec: From 194.51.131.66: attempted resource overstep by requesting 2050752 for RLIMIT_DATA against limit 2048000 by (spamd:22302) UID(99) EUID(99), parent (spamd:23082) UID(99) EUID(99)
Dec 20 00:27:45 velocity kernel: grsec: From 69.110.207.82: attempted resource overstep by requesting 2050752 for RLIMIT_DATA against limit 2048000 by (spamd:14894) UID(99) EUID(99), parent (spamd:23082) UID(99) EUID(99)
And there's other problems as well:
[root@velocity linux-2.4.25]# make menuconfig
rm -f include/asm
( cd include ; ln -sf asm-i386 asm)
make -C scripts/lxdialog all
make[1]: Entering directory `/usr/src/linux-2.4.25/scripts/lxdialog'
make[1]: Leaving directory `/usr/src/linux-2.4.25/scripts/lxdialog'
/bin/sh scripts/Menuconfig arch/i386/config.in
Using defaults found in .config
Preparing scripts: functions, parsing.....................................................scripts/Menuconfig: xmalloc: cannot allocate 9 bytes (0 bytes allocated)
make: *** [menuconfig] Error 2
[root@velocity linux-2.4.25]#
After a couple of hours with those messages qmail stopped working as well, and I booted the server hoping that would solve the problems. Qmail is up and running again, but I'm still getting the same messages trying to run make menuconfig and spamassassin, and Apache won't start:
[Mon Dec 20 00:32:01 2004] [warn] (24)Too many open files: unable to open a file descriptor above 15, you may need to increase the number of descriptors
fopen: Too many open files
Dec 20 00:33:13 velocity kernel: grsec: From 213.225.76.xxx: attempted resource overstep by requesting 50 for RLIMIT_NOFILE against limit 50 by (httpd:13952) UID(0) EUID(0), parent (apachectl:534) UID(0) EUID(0)
Dec 20 00:33:13 velocity last message repeated 4 times
Any suggestions?