grsecurity forums


https://forums.grsecurity.net./

Ubuntu grsec klogd start failed on boot

https://forums.grsecurity.net./viewtopic.php?f=3&t=1972

Page 1 of 1

Ubuntu grsec klogd start failed on boot

PostPosted: Tue May 20, 2008 2:30 am
by DrMcKay
Hi,

I'm a newbie with grsec. At boot time i get this error:

grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /sbin/klogd......

:~# uname -a
Linux ubuntu 2.6.24.5-grsec #2 SMP Mon May 19 18:45:18 CEST 2008 i686 GNU/Linux

I installed gradm. What i need to do to solve this?

Thanks!

Peter

Re: Ubuntu grsec klogd start failed on boot

PostPosted: Tue May 20, 2008 3:21 am
by DrMcKay
# ulimit -a
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 20477
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 20477
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited


:) It's looks good. Please, help me :(

Re: Ubuntu grsec klogd start failed on boot

PostPosted: Tue May 20, 2008 3:24 am
by DrMcKay
Hmmm. I found these lines in dmesg:

[ 56.879620] klogd[5126]: segfault at 00000046 eip adc222cd esp b8e7f440 error 4
[ 56.879643] grsec: signal 11 sent to /sbin/klogd[klogd:5126] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:5124] uid/euid:103/103 gid/egid:104/104
[ 56.879740] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /sbin/klogd[klogd:5126] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:5124] uid/euid:103/103 gid/egid:104/104



[ 1519.519827] klogd[7940]: segfault at 00000046 eip a73f72cd esp be555360 error 4
[ 1519.519852] grsec: signal 11 sent to /sbin/klogd[klogd:7940] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:7938] uid/euid:103/103 gid/egid:104/104
[ 1754.288615] klogd[7968]: segfault at 00000046 eip b47072cd esp bd730250 error 4
[ 1754.288639] grsec: signal 11 sent to /sbin/klogd[klogd:7968] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:7966] uid/euid:103/103 gid/egid:104/104
[ 1798.799229] klogd[8009]: segfault at 00000046 eip b071b2cd esp babaa790 error 4
[ 1798.799252] grsec: signal 11 sent to /sbin/klogd[klogd:8009] uid/euid:103/103 gid/egid:104/104, parent /sbin/klogd[klogd:8007] uid/euid:103/103 gid/egid:104/104

Re: Ubuntu grsec klogd start failed on boot

PostPosted: Wed May 21, 2008 5:09 am
by PaX Team
DrMcKay wrote:Hmmm. I found these lines in dmesg:

[ 56.879620] klogd[5126]: segfault at 00000046 eip adc222cd esp b8e7f440 error 4
that's a sign of klogd crashing due to a NULL pointer dereference problem, the rest is just grsecurity reporting the fact. you'll have to debug it to find out why klogd is crashing.

Re: Ubuntu grsec klogd start failed on boot

PostPosted: Wed Jun 25, 2008 2:39 pm
by cookiemonster
I compiled an ubuntu based grsec 2.1.11 and I'm having the same problem, after alot of recompiling, it had something to do additionnal proc restrictions. Can someone explain why ?

Re: Ubuntu grsec klogd start failed on boot

PostPosted: Wed Jun 25, 2008 10:58 pm
by nowshining
DrMcKay wrote:Hi,

I'm a newbie with grsec. At boot time i get this error:

grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /sbin/klogd......

:~# uname -a
Linux ubuntu 2.6.24.5-grsec #2 SMP Mon May 19 18:45:18 CEST 2008 i686 GNU/Linux

I installed gradm. What i need to do to solve this?

Thanks!

Peter


Using a non-ubuntu patched kernel source would be best. It's really suggested to use a vanilla kernel.org kernel. I forgot where the grsecurity team tells of this, but I remember seeing it somewhere.

Why: The patches Ubuntu makes may or may not have problems with the patch, etc.. http://kernel.org/pub/linux/kernel/v2.6/ - choose ur kernel ver. 2.6.24.7 is the last of the 2.6.24 series as of this post. Alas As of this post 2.6.25.9 is the latest of the 2.6.25 series.

For comparison here is my ulimit -a on kubuntu Gutsy Gibbon 7.10 with kernel 2.6.24.7 - vanilla -

Code: Select all
 
Linux botnetgodalphamale 2.6.24.7-botnetgodalphamale-grsec #1 Mon Jun 23 14:13:25 PDT 2008 i686 GNU/Linux


Code: Select all
 
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 30
file size               (blocks, -f) unlimited
pending signals                 (-i) 4091
max locked memory       (kbytes, -l) 32
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 4091
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

Re: Ubuntu grsec klogd start failed on boot

PostPosted: Tue Oct 21, 2008 5:47 pm
by RalfH
Hi,

try to disable CONFIG_GRKERNSEC_HIDESYM in the kernel config. This should fix the problem.
After re-compiling the kernel your ubuntu should boot and start klogd without problems.

Ralf
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/