From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/686 Path: main.gmane.org!not-for-mail From: Vincent Danen Newsgroups: gmane.comp.sysutils.supervision.general Subject: Re: runit running under linux 2.4 with openwall patches Date: Tue, 25 Jan 2005 21:31:48 -0700 Message-ID: <31302029-6F53-11D9-9341-000A9598BFB2@annvix.org> References: <20050121193151.5581.qmail@f99cf6af5269a6.315fe32.mid.smarden.org> <1106650731.41f6266bcbe61@www.wolfpuppy.org.uk> <84B8E07C-6F29-11D9-9341-000A9598BFB2@annvix.org> <20050126004448.GI10265@digitus> NNTP-Posting-Host: deer.gmane.org Mime-Version: 1.0 (Apple Message framework v619) Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Apple-Mail-103--442310571" Content-Transfer-Encoding: 7bit X-Trace: sea.gmane.org 1106713920 31527 80.91.229.6 (26 Jan 2005 04:32:00 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Wed, 26 Jan 2005 04:32:00 +0000 (UTC) Cc: Original-X-From: supervision-return-925-gcsg-supervision=m.gmane.org@list.skarnet.org Wed Jan 26 05:31:53 2005 Return-path: Original-Received: from antah.skarnet.org ([212.85.147.14]) by deer.gmane.org with smtp (Exim 3.35 #1 (Debian)) id 1CteqP-000660-00 for ; Wed, 26 Jan 2005 05:31:53 +0100 Original-Received: (qmail 31383 invoked by uid 76); 26 Jan 2005 04:32:14 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Archive: Original-Received: (qmail 31377 invoked from network); 26 Jan 2005 04:32:14 -0000 In-Reply-To: <20050126004448.GI10265@digitus> Original-To: =?ISO-8859-1?Q?Csillag_Tam=E1s?= X-Pgp-Agent: GPGMail 1.0.2 X-Mailer: Apple Mail (2.619) X-SA-Exim-Connect-IP: 68.149.32.61 X-SA-Exim-Mail-From: vdanen@annvix.org X-SA-Exim-Version: 4.1 (built Fri, 21 Jan 2005 07:43:05 -0700) X-SA-Exim-Scanned: Yes (on hades.annvix.org) Xref: main.gmane.org gmane.comp.sysutils.supervision.general:686 X-Report-Spam: http://spam.gmane.org/gmane.comp.sysutils.supervision.general:686 --Apple-Mail-103--442310571 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=ISO-8859-1; format=flowed On Jan 25, 2005, at 17:44, Csillag Tam=E1s wrote: >>> Yes, it's dietlibc. Dietlibc executes code from the stack during >>> system calls, >>> afaict. >> >> Well, it's definitely dietlibc. I compiled runit with glibc >> (statically) and it works just fine. Very strange. > I got the same with grsecurity (www.grsecurity.org). > Well it did not stated exactly in the log that the stack operation is=20= > the > cause of killing that process. > > It could happen for *all* dietlibc linked program. > (I experienced in: runsv svlogd fnord tcpsvd ... ) Odd thing here is that I tried a few other apps that were=20 dietlibc-compiled and didn't see a problem. Hmmm... spoke too soon. None of the services requiring tcpsvd were=20 installed, so I tried with rsync and if I start supervise on those=20 services, nothing happens. But if "sh -x run" myself, I can see the=20 services are starting. Not sure if recompiling ipsvd without dietlibc=20= will help, but it's something I'll have to try. > In grsec I use the chpax utility to bypass this security checks on=20 > these > (and only these) programs. Ouch. Not a good solution. > Maybe it is worth asking the author of dietlibc.. > http://www.fefe.de/dietlibc/ I have... and am in the middle of a conversation with him. He's very=20 interested in seeing this resolved. --=20 Annvix - Secure Linux Server: http://annvix.org/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4} --Apple-Mail-103--442310571 content-type: application/pgp-signature; x-mac-type=70674453; name=PGP.sig content-description: This is a digitally signed message part content-disposition: inline; filename=PGP.sig content-transfer-encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (Darwin) iD8DBQFB9x00LrxeMv7jCtQRAim2AJ0Xq3KGF/O4QSxpKqNbYEJZ7DIgegCgvi1j S/fQggNV9BOl819yksAon2w= =Gy/4 -----END PGP SIGNATURE----- --Apple-Mail-103--442310571--