gradm2 segfaults
Posted: Mon May 24, 2004 5:59 pm
Hi!
I have some problem with grsecurity 2.0/kernel 2.4.26
I created a base acl with full learn mode, it was fine. After this, i added learn modes to some subjects, like this:
role root uG
role_transitions admin
role_allow_ip 0.0.0.0/0
subject / {
/
/bin rx
/lib rx
/sbin h
...
-CAP_ALL
bind disabled
connect disabled
}
...
subject /usr/lib/postfix/bounce ol {
/ h
-CAP_ALL
connect disabled
bind disabled
}
And i have role learn modes as well:
role bind ul
Then I start the learning with
gradm -L /var/log/grsec-learn.log -E
Everything goes well, the log is growing, but when I want to create the acls from this log:
ultranet:~# gradm -L /var/log/grsecurity-learn.log -O /etc/grsec/acl.gen
Segmentation fault
In the logfile I can see this:
May 24 23:56:47 ultranet grsec: From xxx.xxx.xxx.xxx: signal 11 sent to
/sbin/gradm[gradm:9786] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:25504] uid/euid:0/0 gid/egid:0/0
May 24 23:56:47 ultranet grsec: From xxx.xxx.xxx.xxx: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by /sbin/gradm[gradm:9786] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:25504] uid/euid:0/0 gid/egid:0/0
So gradm segfaults, and I don't know, what the problem is. Is the role learning causing it? Did I miss something?
Help, please
Thanks in advance, onyx
I have some problem with grsecurity 2.0/kernel 2.4.26
I created a base acl with full learn mode, it was fine. After this, i added learn modes to some subjects, like this:
role root uG
role_transitions admin
role_allow_ip 0.0.0.0/0
subject / {
/
/bin rx
/lib rx
/sbin h
...
-CAP_ALL
bind disabled
connect disabled
}
...
subject /usr/lib/postfix/bounce ol {
/ h
-CAP_ALL
connect disabled
bind disabled
}
And i have role learn modes as well:
role bind ul
Then I start the learning with
gradm -L /var/log/grsec-learn.log -E
Everything goes well, the log is growing, but when I want to create the acls from this log:
ultranet:~# gradm -L /var/log/grsecurity-learn.log -O /etc/grsec/acl.gen
Segmentation fault
In the logfile I can see this:
May 24 23:56:47 ultranet grsec: From xxx.xxx.xxx.xxx: signal 11 sent to
/sbin/gradm[gradm:9786] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:25504] uid/euid:0/0 gid/egid:0/0
May 24 23:56:47 ultranet grsec: From xxx.xxx.xxx.xxx: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by /sbin/gradm[gradm:9786] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:25504] uid/euid:0/0 gid/egid:0/0
So gradm segfaults, and I don't know, what the problem is. Is the role learning causing it? Did I miss something?
Help, please
Thanks in advance, onyx