Connot execute top
Posted: Wed Sep 10, 2008 5:18 amHi,
I'm very new to grsecurity. So my problem is, that i installed a gentoo hrdened kernel with grsecurity turned on. After i started my system with the new kernel i am not able to execute top.
I get following errors:
strace output:
Can you please help me with my problem? And explain me why this happens and what i have to do so that top and other things like dovecot are starting.
thank you
kersten
I'm very new to grsecurity. So my problem is, that i installed a gentoo hrdened kernel with grsecurity turned on. After i started my system with the new kernel i am not able to execute top.
I get following errors:
- Code: Select all
Sep 10 10:25:12 minimal grsec: From xx.xx.xx.x: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/top[top:5345] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:5338] uid/euid:0/0 gid/egid:0/0
strace output:
- Code: Select all
execve("/usr/bin/top", ["top"], [/* 27 vars */]) = 0
brk(0) = 0x1fa9964c5d0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x72a66e7cd000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x72a66e7cc000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=38422, ...}) = 0
mmap(NULL, 38422, PROT_READ, MAP_PRIVATE, 3, 0) = 0x72a66e7c2000
close(3) = 0
open("/lib/libproc-3.2.7.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@C\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0555, st_size=63416, ...}) = 0
mmap(NULL, 2239896, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x72a66e391000
mprotect(0x72a66e39f000, 2097152, PROT_NONE) = 0
mmap(0x72a66e59f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x72a66e59f000
mmap(0x72a66e5a1000, 77208, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x72a66e5a1000
close(3) = 0
open("/lib/libncurses.so.5", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0` \2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=418400, ...}) = 0
mmap(NULL, 2516920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x72a66e12a000
mprotect(0x72a66e182000, 2093056, PROT_NONE) = 0
mmap(0x72a66e381000, 61440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x57000) = 0x72a66e381000
mmap(0x72a66e390000, 1976, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x72a66e390000
close(3) = 0
open("/lib/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\343\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1412104, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x72a66e7c1000
mmap(NULL, 3520216, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x72a66ddce000
mprotect(0x72a66df20000, 2097152, PROT_NONE) = 0
mmap(0x72a66e120000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x152000) = 0x72a66e120000
mmap(0x72a66e125000, 18136, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x72a66e125000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x72a66e7c0000
arch_prctl(ARCH_SET_FS, 0x72a66e7c06f0) = 0
open("/dev/urandom", O_RDONLY) = 3
read(3, "G1\33\360\33?\33\330", 8) = 8
close(3) = 0
mprotect(0x72a66e120000, 16384, PROT_READ) = 0
mprotect(0x72a66e381000, 57344, PROT_READ) = 0
mprotect(0x72a66e59f000, 4096, PROT_READ) = 0
mprotect(0x1fa99639000, 4096, PROT_READ) = 0
mprotect(0x72a66e7d0000, 4096, PROT_READ) = 0
munmap(0x72a66e7c2000, 38422) = 0
uname({sys="Linux", node="minimal.cc", ...}) = 0
brk(0) = 0x1fa9964c5d0
brk(0x1fa9966d5d0) = 0x1fa9966d5d0
brk(0x1fa9966e000) = 0x1fa9966e000
open("/proc/stat", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x72a66e7cb000
read(3, "cpu 2455 57 786 309534 2908 21 "..., 1024) = 750
read(3, "", 1024) = 0
close(3) = 0
munmap(0x72a66e7cb000, 4096) = 0
brk(0x1fa9966d000) = 0x1fa9966d000
open("/proc/sys/kernel/pid_max", O_RDONLY) = 3
read(3, "32768\n", 24) = 6
close(3) = 0
open("/etc/toprc", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/root/.toprc", O_RDONLY) = -1 ENOENT (No such file or directory)
getuid() = 0
stat("/proc/self", {st_mode=S_IFDIR|0500, st_size=0, ...}) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
stat("/root/.terminfo", 0x732ec360f8e0) = -1 ENOENT (No such file or directory)
stat("/etc/terminfo", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
access("/etc/terminfo/x/xterm", R_OK) = 0
open("/etc/terminfo/x/xterm", O_RDONLY) = 3
read(3, "\32\0010\0&\0\17\0\235\1F\5xterm|xterm terminal"..., 4097) = 2522
close(3) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(1, TIOCGWINSZ, {ws_row=60, ws_col=176, ws_xpixel=0, ws_ypixel=0}) = 0
ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(0, SNDCTL_TMR_CONTINUE or TCSETSF, {B38400 opost isig -icanon -echo ...}) = 0
ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig -icanon -echo ...}) = 0
ioctl(1, TIOCGWINSZ, {ws_row=60, ws_col=176, ws_xpixel=0, ws_ypixel=0}) = 0
rt_sigaction(SIGALRM, {0x1fa9942ef30, [ALRM], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGHUP, {0x1fa9942ef30, [HUP], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGINT, {0x1fa9942ef30, [INT], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGPIPE, {0x1fa9942ef30, [PIPE], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGQUIT, {0x1fa9942ef30, [QUIT], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGTERM, {0x1fa9942ef30, [TERM], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGTSTP, {0x1fa9942f000, [TSTP], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGTTIN, {0x1fa9942f000, [TTIN], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_IGN}, 8) = 0
rt_sigaction(SIGTTOU, {0x1fa9942f000, [TTOU], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_IGN}, 8) = 0
rt_sigaction(SIGCONT, {0x1fa99430fd0, [CONT], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGWINCH, {0x1fa99430fd0, [WINCH], SA_RESTORER|SA_RESTART, 0x72a66ddffbe0}, {SIG_DFL}, 8) = 0
+++ killed by SIGKILL +++
Can you please help me with my problem? And explain me why this happens and what i have to do so that top and other things like dovecot are starting.
thank you
kersten