From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/746 Path: news.gmane.org!not-for-mail From: Csillag =?iso-8859-2?Q?Tam=E1s?= Newsgroups: gmane.comp.sysutils.supervision.general Subject: Re: runit running under linux 2.4 with openwall patches Date: Mon, 14 Mar 2005 15:11:46 +0100 Message-ID: <20050314141146.GJ14286@digitus> References: <20050121193151.5581.qmail@f99cf6af5269a6.315fe32.mid.smarden.org> <1106650731.41f6266bcbe61@www.wolfpuppy.org.uk> <84B8E07C-6F29-11D9-9341-000A9598BFB2@annvix.org> <20050126004448.GI10265@digitus> <31302029-6F53-11D9-9341-000A9598BFB2@annvix.org> <20050205212555.GI20427@digitus> <86f55940a26d28d7a6a3a131c9947f5b@annvix.org> Reply-To: Csillag =?iso-8859-2?Q?Tam=E1s?= NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-2 Content-Transfer-Encoding: quoted-printable X-Trace: sea.gmane.org 1110809470 6778 80.91.229.2 (14 Mar 2005 14:11:10 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Mon, 14 Mar 2005 14:11:10 +0000 (UTC) Original-X-From: supervision-return-982-gcsg-supervision=m.gmane.org@list.skarnet.org Mon Mar 14 15:11:09 2005 Original-Received: from antah.skarnet.org ([212.85.147.14] ident=qmailr) by ciao.gmane.org with smtp (Exim 4.43) id 1DAqHS-0006FV-K9 for gcsg-supervision@gmane.org; Mon, 14 Mar 2005 15:10:51 +0100 Original-Received: (qmail 31724 invoked by uid 76); 14 Mar 2005 14:12:13 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Archive: Original-Received: (qmail 31718 invoked from network); 14 Mar 2005 14:12:13 -0000 Original-To: supervision@list.skarnet.org Content-Disposition: inline In-Reply-To: <86f55940a26d28d7a6a3a131c9947f5b@annvix.org> X-Operating-System: Gnu/Linux X-PPKE-NOSPAM: I promise, I will never let anything happen to you. Nemo. X-PGP-Key: http://digitus.itk.ppke.hu/~cstamas/cstamas.pgp User-Agent: Mutt/1.5.6+20040907i X-PPKE-ITK-MailScanner: Found to be clean X-PPKE-ITK-MailScanner-SpamCheck: not spam, SpamAssassin (pont=-11.494, szukseges 5, autolearn=not spam, AWL 1.10, BAYES_00 -2.60, LOCAL_PPKE -10.00) X-PPKE-ITK-MailScanner-From: cstamas@digitus.itk.ppke.hu X-MailScanner-To: gcsg-supervision@gmane.org Xref: news.gmane.org gmane.comp.sysutils.supervision.general:746 X-Report-Spam: http://spam.gmane.org/gmane.comp.sysutils.supervision.general:746 On 02/05, Vincent Danen wrote: >=20 > On Feb 05, 2005, at 14:25, Csillag Tam=E1s wrote: >=20 > >>Hmmm... spoke too soon. None of the services requiring tcpsvd were > >>installed, so I tried with rsync and if I start supervise on those > >>services, nothing happens. But if "sh -x run" myself, I can see the > >>services are starting. Not sure if recompiling ipsvd without dietlib= c > >>will help, but it's something I'll have to try. > >> > >>>In grsec I use the chpax utility to bypass this security checks on > >>>these > >>>(and only these) programs. > >> > >>Ouch. Not a good solution. > >> > >>>Maybe it is worth asking the author of dietlibc.. > >>>http://www.fefe.de/dietlibc/ > >> > >>I have... and am in the middle of a conversation with him. He's very > >>interested in seeing this resolved. > > > >Can you tell me what is the result? > >Felix released 0.28 recently, it contains the fixes for that or not? > >(I was unable to figure out from the CHANGES file) >=20 > I meant to email the list earlier, but didn't get a chance. I did=20 > build dietlibc 0.28 and recompiled runit under it and it seems to work=20 > ok. At least the kernel doesn't kill or stall runit anymore. But I=20 > had to build without WANT_STACKGAP due to my gcc+SSP compiler (I don't=20 > know if this will make any difference to runit itself because I can't=20 > compiled dietlibc 0.28 with gcc+SSP with WANT_STACKGAP enabled). >=20 > So far it seems good although I want to keep an eye on it more before I= =20 > put it into production. I can confirm it really works. Felix fixed it in this release! Gerrit, is it possible to push these changes to sarge before release? I mean dietlibc linked programs TIA --=20 cstamas