Re: runit running under linux 2.4 with openwall patches

["Milan P. Stanic" <mps@rns-nis.co.yu>]

[-- Attachment #1: Type: text/plain, Size: 1688 bytes --]

On Tue, Jan 25, 2005 at 09:31:48PM -0700, Vincent Danen wrote:
> 
> On Jan 25, 2005, at 17:44, Csillag Tamás wrote:
> 
> >>>Yes, it's dietlibc. Dietlibc executes code from the stack during
> >>>system calls,
> >>>afaict.
> >>
> >>Well, it's definitely dietlibc.  I compiled runit with glibc
> >>(statically) and it works just fine.   Very strange.
> >I got the same with grsecurity (www.grsecurity.org).
> >Well it did not stated exactly in the log that the stack operation is 
> >the
> >cause of killing that process.
> >
> >It could happen for *all* dietlibc linked program.
> >(I experienced in: runsv svlogd fnord tcpsvd ... )
> 
> Odd thing here is that I tried a few other apps that were 
> dietlibc-compiled and didn't see a problem.
> 
> Hmmm... spoke too soon.  None of the services requiring tcpsvd were 
> installed, so I tried with rsync and if I start supervise on those 
> services, nothing happens.  But if "sh -x run" myself, I can see the 
> services are starting.  Not sure if recompiling ipsvd without dietlibc 
> will help, but it's something I'll have to try.
> 
> >In grsec I use the chpax utility to bypass this security checks on 
> >these
> >(and only these) programs.
> 
> Ouch.  Not a good solution.
> 
> >Maybe it is worth asking the author of dietlibc..
> >http://www.fefe.de/dietlibc/
> 
> I have... and am in the middle of a conversation with him.  He's very 
> interested in seeing this resolved.

Few months ago I noticed that *any* program which is compiled/linked with
dietlibc segfaults under UML. Same programs with glibc works.
I don't know if this is related to grsec problem but maybe this info
can help.

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]