Hi,
I'm a newbie with grsec. At boot time i get this error:
grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /sbin/klogd......
:~# uname -a
Linux ubuntu 2.6.24.5-grsec #2 SMP Mon May 19 18:45:18 CEST 2008 i686 GNU/Linux
I installed gradm. What i need to do to solve this?
Thanks!
Peter
Ubuntu grsec klogd start failed on boot
7 posts
• Page 1 of 1
Ubuntu grsec klogd start failed on boot
by DrMcKay » Tue May 20, 2008 2:30 am
- DrMcKay
- Posts: 3
- Joined: Tue May 20, 2008 2:26 am
Re: Ubuntu grsec klogd start failed on boot
by DrMcKay » Tue May 20, 2008 3:21 am
# ulimit -a
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 20477
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 20477
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
It's looks good. Please, help me 
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 20477
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 20477
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
It's looks good. Please, help me - DrMcKay
- Posts: 3
- Joined: Tue May 20, 2008 2:26 am
Re: Ubuntu grsec klogd start failed on boot
by DrMcKay » Tue May 20, 2008 3:24 am
Hmmm. I found these lines in dmesg:
[ 56.879620] klogd[5126]: segfault at 00000046 eip adc222cd esp b8e7f440 error 4
[ 56.879643] grsec: signal 11 sent to /sbin/klogd[klogd:5126] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:5124] uid/euid:103/103 gid/egid:104/104
[ 56.879740] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /sbin/klogd[klogd:5126] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:5124] uid/euid:103/103 gid/egid:104/104
[ 1519.519827] klogd[7940]: segfault at 00000046 eip a73f72cd esp be555360 error 4
[ 1519.519852] grsec: signal 11 sent to /sbin/klogd[klogd:7940] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:7938] uid/euid:103/103 gid/egid:104/104
[ 1754.288615] klogd[7968]: segfault at 00000046 eip b47072cd esp bd730250 error 4
[ 1754.288639] grsec: signal 11 sent to /sbin/klogd[klogd:7968] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:7966] uid/euid:103/103 gid/egid:104/104
[ 1798.799229] klogd[8009]: segfault at 00000046 eip b071b2cd esp babaa790 error 4
[ 1798.799252] grsec: signal 11 sent to /sbin/klogd[klogd:8009] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:8007] uid/euid:103/103 gid/egid:104/104
[ 56.879620] klogd[5126]: segfault at 00000046 eip adc222cd esp b8e7f440 error 4
[ 56.879643] grsec: signal 11 sent to /sbin/klogd[klogd:5126] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:5124] uid/euid:103/103 gid/egid:104/104
[ 56.879740] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /sbin/klogd[klogd:5126] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:5124] uid/euid:103/103 gid/egid:104/104
[ 1519.519827] klogd[7940]: segfault at 00000046 eip a73f72cd esp be555360 error 4
[ 1519.519852] grsec: signal 11 sent to /sbin/klogd[klogd:7940] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:7938] uid/euid:103/103 gid/egid:104/104
[ 1754.288615] klogd[7968]: segfault at 00000046 eip b47072cd esp bd730250 error 4
[ 1754.288639] grsec: signal 11 sent to /sbin/klogd[klogd:7968] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:7966] uid/euid:103/103 gid/egid:104/104
[ 1798.799229] klogd[8009]: segfault at 00000046 eip b071b2cd esp babaa790 error 4
[ 1798.799252] grsec: signal 11 sent to /sbin/klogd[klogd:8009] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:8007] uid/euid:103/103 gid/egid:104/104
- DrMcKay
- Posts: 3
- Joined: Tue May 20, 2008 2:26 am
Re: Ubuntu grsec klogd start failed on boot
by PaX Team » Wed May 21, 2008 5:09 am
that's a sign of klogd crashing due to a NULL pointer dereference problem, the rest is just grsecurity reporting the fact. you'll have to debug it to find out why klogd is crashing.DrMcKay wrote:Hmmm. I found these lines in dmesg:
[ 56.879620] klogd[5126]: segfault at 00000046 eip adc222cd esp b8e7f440 error 4
- PaX Team
- Posts: 2310
- Joined: Mon Mar 18, 2002 4:35 pm
Re: Ubuntu grsec klogd start failed on boot
by cookiemonster » Wed Jun 25, 2008 2:39 pm
I compiled an ubuntu based grsec 2.1.11 and I'm having the same problem, after alot of recompiling, it had something to do additionnal proc restrictions. Can someone explain why ?
- cookiemonster
- Posts: 8
- Joined: Wed Jun 25, 2008 1:15 pm
Re: Ubuntu grsec klogd start failed on boot
by nowshining » Wed Jun 25, 2008 10:58 pm
DrMcKay wrote:Hi,
I'm a newbie with grsec. At boot time i get this error:
grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /sbin/klogd......
:~# uname -a
Linux ubuntu 2.6.24.5-grsec #2 SMP Mon May 19 18:45:18 CEST 2008 i686 GNU/Linux
I installed gradm. What i need to do to solve this?
Thanks!
Peter
Using a non-ubuntu patched kernel source would be best. It's really suggested to use a vanilla kernel.org kernel. I forgot where the grsecurity team tells of this, but I remember seeing it somewhere.
Why: The patches Ubuntu makes may or may not have problems with the patch, etc.. http://kernel.org/pub/linux/kernel/v2.6/ - choose ur kernel ver. 2.6.24.7 is the last of the 2.6.24 series as of this post. Alas As of this post 2.6.25.9 is the latest of the 2.6.25 series.
For comparison here is my ulimit -a on kubuntu Gutsy Gibbon 7.10 with kernel 2.6.24.7 - vanilla -
- Code: Select all
Linux botnetgodalphamale 2.6.24.7-botnetgodalphamale-grsec #1 Mon Jun 23 14:13:25 PDT 2008 i686 GNU/Linux
- Code: Select all
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 30
file size (blocks, -f) unlimited
pending signals (-i) 4091
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 4091
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
- nowshining
- Posts: 13
- Joined: Sat Sep 08, 2007 11:56 pm
Re: Ubuntu grsec klogd start failed on boot
by RalfH » Tue Oct 21, 2008 5:47 pm
Hi,
try to disable CONFIG_GRKERNSEC_HIDESYM in the kernel config. This should fix the problem.
After re-compiling the kernel your ubuntu should boot and start klogd without problems.
Ralf
try to disable CONFIG_GRKERNSEC_HIDESYM in the kernel config. This should fix the problem.
After re-compiling the kernel your ubuntu should boot and start klogd without problems.
Ralf
- RalfH
- Posts: 1
- Joined: Tue Oct 21, 2008 5:42 pm
7 posts
• Page 1 of 1