grsecurity forums

I recently built a 2.4.30 kernel with grsecurity on a centos 3.4 server, w/ cpanel installed. For the grsecurity I selected the default "Medium" settings.

Upon booting to the new kernel, I was getting errors with named and trying to access cpanel or whm over https. The follow are what seem to be the relavent messages from the log files

Named

Code: Select all

Apr 19 21:50:00 servername kernel: grsec: signal 11 sent to /usr/sbin/rndc[rndc:27101] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/rndc[rndc:18030] uid/euid:0/0 gid/egid:0/0
Apr 19 21:50:00 servername kernel: grsec: signal 11 sent to /usr/sbin/rndc[rndc:18030] uid/euid:0/0 gid/egid:0/0, parent /etc/rc.d/init.d/named[named:6756] uid/euid:0/0 gid/egid:0/0 by /usr/sbin/rndc[rndc:27101] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/rndc[rndc:18030] uid/euid:0/0 gid/egid:0/0
Apr 19 21:50:00 servername kernel: grsec: signal 11 sent to /usr/sbin/rndc[rndc:31532] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/rndc[rndc:18030] uid/euid:0/0 gid/egid:0/0 by /usr/sbin/rndc[rndc:27101] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/rndc[rndc:18030] uid/euid:0/0 gid/egid:0/0
Apr 19 21:50:00 servername kernel: grsec: signal 11 sent to /usr/sbin/rndc[rndc:18030] uid/euid:0/0 gid/egid:0/0, parent /etc/rc.d/init.d/named[named:6756] uid/euid:0/0 gid/egid:0/0 by /usr/sbin/rndc[rndc:31532] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/rndc[rndc:18030] uid/euid:0/0 gid/egid:0/0
Apr 19 21:50:03 servername kernel: grsec: signal 11 sent to /usr/sbin/named[named:24564] uid/euid:25/25 gid/egid:25/25, parent /usr/sbin/named[named:1252] uid/euid:25/25 gid/egid:25/25


whm/cpanel over https (stunnel problem I believe)

Code: Select all

Apr 19 21:50:56 servername kernel: grsec: From xx.xx.xx.xx: signal 11 sent to /usr/bin/stunnel-4.04local[stunnel-4.04loc:10825] uid/euid:32001/32001 gid/egid:502/502, parent /usr/bin/stunnel-4.04local[stunnel-4.04loc:18306] uid/euid:32001/32001 gid/egid:502/502
Apr 19 21:50:56 servername kernel: grsec: From xx.xx.xx.xx: signal 11 sent to /usr/bin/stunnel-4.04local[stunnel-4.04loc:18306] uid/euid:32001/32001 gid/egid:502/502, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 by /usr/bin/stunnel-4.04local[stunnel-4.04loc:10825] uid/euid:32001/32001 gid/egid:502/502, parent /usr/bin/stunnel-4.04local[stunnel-4.04loc:18306] uid/euid:32001/32001 gid/egid:502/502
Apr 19 21:52:06 servername kernel: grsec: From xx.xx.xx.xx: signal 11 sent to /usr/bin/host[host:7401] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/host[host:14280] uid/euid:0/0 gid/egid:0/0
Apr 19 21:52:06 servername kernel: grsec: From xx.xx.xx.xx: signal 11 sent to /usr/bin/host[host:14280] uid/euid:0/0 gid/egid:0/0, parent /usr/local/cpanel/whostmgr/bin/whostmgr[whostmgr:14358] uid/euid:0/0 gid/egid:0/0 by /usr/bin/host[host:7401] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/host[host:14280] uid/euid:0/0 gid/egid:0/0
Apr 19 21:52:47 servername kernel: grsec: From xx.xx.xx.xx: signal 11 sent to /usr/bin/stunnel-4.04local[stunnel-4.04loc:31019] uid/euid:32001/32001 gid/egid:502/502, parent /usr/bin/stunnel-4.04local[stunnel-4.04loc:30383] uid/euid:32001/32001 gid/egid:502/502
Apr 19 21:52:47 servername kernel: grsec: From xx.xx.xx.xx: signal 11 sent to /usr/bin/stunnel-4.04local[stunnel-4.04loc:30383] uid/euid:32001/32001 gid/egid:502/502, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 by /usr/bin/stunnel-4.04local[stunnel-4.04loc:31019] uid/euid:32001/32001 gid/egid:502/502, parent /usr/bin/stunnel-4.04local[stunnel-4.04loc:30383] uid/euid:32001/32001 gid/egid:502/502

From what I have supplied can anyone suggest what might be the problem and what I could do to correct it?

Many thanks,

Scratch this question. The problem wasn't grsecurity related at all. it was due to nptl.

can you tell me how did you fix it ?

RuleMaN wrote:can you tell me how did you fix it ?

http://www.choon.net/nptl.php