[grsec] Update: [Was: Kernel 2.6.10-as2-grsec-20050124:
proftpdsegfaulting (11 / SIGSEGV)]
Wolfpaw - Dale Corse
admin-lists at wolfpaw.net
Thu Feb 17 23:09:14 EST 2005
How many sessions are active when it dies? Sounds like its hitting
MaxClients, or a descriptor limit. The fact proftpd was compiled with
GRSec active would make no difference at all.
D.
> -----Original Message-----
> From: grsecurity-bounces at grsecurity.net
> [mailto:grsecurity-bounces at grsecurity.net] On Behalf Of fire-eyes
> Sent: Thursday, February 17, 2005 7:56 AM
> To: grsecurity at grsecurity.net
> Subject: [grsec] Update: [Was: Kernel
> 2.6.10-as2-grsec-20050124: proftpdsegfaulting (11 / SIGSEGV)]
>
>
> On Wed, 2005-02-16 at 14:17 -0500, fire-eyes wrote:
> > I'm running kernel 2.6.10, with the as2 patch, with grsecurity
> > 20050124 patch.
> >
> > I've been thrilled with it using it here on a server,
> except for one
> > problem i've run into. Proftpd keeps segfaulting , that is,
> signal 11
> > (SIGSEGV).
> >
> > It worked fine for all of today, up till a while ago (while
> I was at
> > lunch, of course :P ), then clients could not log in, their FTP
> > sessions were immediately closed.
> >
> > Logs show many lines similar to:
> >
> > grsec: From 192.168.1.128: signal 11 sen
> > to /usr/sbin/proftpd[proftpd:386]
> > uid/euid:0/1001 gid/egid:407/407,
> > parent /usr/sbin/proftpd[proftpd:29018]
> >
> > Now, does this mean grsecurity sent that signal? Or is this
> just the
> > signal logging?
> >
> > I repeatedly stopped proftpd and started it back up, and
> kept getting
> > the same problem.
> >
> > I rebooted to 2.6.10, and I am not having this problem, but
> needless
> > to say I'm very nervous.
>
> Update:
>
> I'm running 2.6.10 and after a few hours of running fine this
> morning, the same thing is happening to clients. Sessions
> terminated. Obviously I don't get that log line.
>
> So this does not appear to me related to grsec, unless the
> fact that I compiled proftpd whilst using grsec could enter
> in as a factor.
>
> Thanks for posting this :)
>
>
> _______________________________________________
> grsecurity mailing list
> grsecurity at grsecurity.net
> http://grsecurity.net/cgi-bin/mailman/listinfo/grsecurity
>
>
More information about the grsecurity
mailing list