grsecurity forums

[twhiting9275]

Hi, guys
I've just had a client contact me with grsec installed on his machine. Usually the way I handle things is add a user to the machine and use sudo to maintain and manage servers. However, when I try to use sudo to do anything, I get the following error;

wolf@bart [~]# sudo w
sudo: unable to exec /usr/bin/w: Resource temporarily unavailable
wolf@bart [~]#

The logs show this:
Nov 12 12:03:11 homer sudo: wolf : TTY=pts/1 ; PWD=/home/wolf ; USER=root ; COMMAND=/bin/su
Nov 12 12:03:11 homer kernel: grsec: Attempt to overstep process limit by (sudo:4974) UID(0) EUID(0), parent (bash:29912) UID(32150) EUID(32150)

So, is there a way to get around this, allowing sudo access to any and all in /etc/sudoers without having to go through a million hoops? Sudo has been allowed access only to those in wheel group (3 users), it would be a LOT easier to be able to administrate systems with sudo enabled.

[spender]

do you have process restrictions set up for root or something? The code that does the resource check in execve is very simple.

run ulimit -u as root and see what it says

-Brad

[twhiting9275]

they did, yes, but I've removed that
That didn't stop the problem however.

[spender]

That could be the only thing causing the problem...dunno what else to tell you, it's working for everyone else.

-Brad

[Sharky]

Hi there.
I dont beleive this is a related grsecurity issue we are talkin about here.
the resources are limited either by ulimit or there's an ACL that is restricting that user ( root ) shell.
try to run that command from different shells " Example /bin/ksh or /bin/ksh" .
a good idea would be viewing the contents of the file /etc/security/limits.conf and check if the user/group limits are set if yes, clear them up for the specified group.