Upon reboot I see messages like these in log:
- Code: Select all
grsec: failed fork with errno EAGAIN by /usr/sbin/laptop_mode
grsec: failed fork with errno EAGAIN by /lib64/udev/usb_modeswitch
grsec: failed fork with errno EAGAIN by /usr/lib64/systemd/systemd-udevd
Taking a look at on fork's man page I see this:
- Code: Select all
EAGAIN
fork() cannot allocate sufficient memory to copy the parent's page tables and allocate a task structure for the child.
EAGAIN
It was not possible to create a new process because the caller's RLIMIT_NPROC resource limit was encountered. To exceed this limit, the process must have either the CAP_SYS_ADMIN or the CAP_SYS_RESOURCE capability.
ENOMEM
fork() failed to allocate the necessary kernel structures because memory is tight.
Since I haven't see ENOMEM, and haven't changed any rlimit, and these processes already had CAP_SYS_ADMIN, I tried to allocate CAP_SYS_RESOURCE as well. After another reboot I can still see some /usr/sbin/laptop_mode lines.
Something must have changed in between 4.3.5-hardened-r2 and the new 4.4.2-hardened.
There was only a single new option I've enabled: CONFIG_GRKERNSEC_HARDEN_TTY=y. Could this new feature be responsible for these fork failures or some other factor must be blamed?
Please let me know if you have any idea on this one!
Thx: Dw.