From: Charlie Brady
Newsgroups: gmane.comp.sysutils.supervision.general
Subject: Re: runit running under linux 2.4 with openwall patches
Date: Thu, 20 Jan 2005 17:28:22 -0500 (EST)
Original-To: Vincent Danen
Cc: supervision@list.skarnet.org

On Thu, 20 Jan 2005, Vincent Danen wrote:

> One of the features of openwall is stack protection. I'm getting this
> when I try to boot into a 2.4.29 kernel with openwall hardening
> enabled:
>
> Security: return onto stack from 0x0804812c to 0xbffffea0 running as
> UID 0, EUID 0, process runit:1
> Security more returns onto stack, logging disabled for a minute
>
> I can manage to make the kernel boot, but runit isn't running and it's
> consuming 100% cpu in my vmware test machine.
>
> I have two ideas that may be causing the problem, and not being a
> kernel person I don't really know for 100% which it is:
>
> 1) the Non-executable user stack area part of owl
> 2) the enforce RLIMIT_NPROC on execve(2)
>
> I have a feeling that it's #1 tho.

Why do you have that feeling? What gives you these two ideas?

Do you see any actions from runit before the "return onto stack" message?

You might run "strace runit-init" in place of "runit", although I'm not
sure what chaos that might cause.