grsecurity forums

I am a new grsecurity user and I get the following error message when I use gradm:

Could not open /dev/grsec
open: No such device or address

I use Mandrake Linux 9.1, which strangly did not come with gradm in the standard distribution. I also do not know which grsec the the secure-kernel has been patched with, but I managed to install gradm-2.0-0.2mdk.i586.rpm from MandrakeCooker, which produced this error message. I also tried to download the latest gradm-2.0-rc3 and ran make install with the same result. The gradm-1.9.12 does not work at all. It just tells me that this version is not compatible with grsec in my system.

Can anyone clarify me about this?

Before the /dev/grsec device was introduced, gradm sent messages through some file in /proc (/proc/sys/grsecurity ??), and my guess is that the Mandrake version is at least that old. Also the gradm program is not backwards compatible.

I would recommend patching and compiling the kernel by yourself, it will save you some blood, sweat and tears in the end

I am afraid that your right. I am currently not that keen on recompiling and patching the kernel myself since I have not done that before. I had a lot of trouble getting my linux box and running in the first place. Next I had a lot of trouble getting apache and tomcat to run together, which to large extend was caused by grsecurity. After I installed gradm it suddenly worked in linux-secure mode, which is probably because it installs a default acl. Mandrake 9.1 did not install any, which was probably the reason for my troubles.

However, I still have some grsec signal 11 on tomcat when I start it up. It does not seem to affect its working, but I would really like to get rid of the error message, and this is the reason why I started experimenting with the acl and gradm in the first place. I will postpone further experiments unless you have a ready to use acl fix for my tomcat trouble. I'll then get back to what I really intended to do: setting up a webserver. Thanks anyway.