grsecurity forums

I run a firewall with a grsecurity-1.9.8 enabled 2.4.20 kernel. I want to see my logs colorized and I use colortail, whenever I run it, grsecurity kills it, showing this message in the system logs:

May 15 10:08:19 f0 kernel: grsec: From 192.168.1.10: signal 11 sent to (colortail:19762) UID(0) EUID(0), parent (bash:2648) UID(0) EUID(0)

I've tried to disable grsecurity protections for this binary whit no luck:

Code: Select all

f0 root # chpax -v /usr/bin/colortail
/usr/bin/colortail: paging based PAGE_EXEC is disabled, trampolines are not emulated, mprotect() is not restricted, mmap() base is not randomized, ET_EXEC base is not randomized, segmentation based PAGE_EXEC is disabled


It still segfaults when I run it. Any ideas on how to solve it?

Thanks!

pof wrote:I run a firewall with a grsecurity-1.9.8 enabled 2.4.20 kernel. I want to see my logs colorized and I use colortail, whenever I run it, grsecurity kills it, showing this message in the system logs:

grsecurity doesn't kill the task, it merely reports the SIGSEGV, the task would die anyway. i'd suggest an upgrade to 1.9.9h at least then see if the problem still occurs. if it does, then you'll have to do some debugging as it looks like an application bug (it might be that you'll have to relax some grsecurity restrictions but the app should handle the current situation gracefully and report an error message instead of crashing).