Package: dietlibc Version: 0.27 Severity: important Hi,
dietlibc contains a bug so programs linked versions prior to 0.28 gets killed by a kernel with stack protection. I am using grsecurity and I get the following in the kernel log: 2004-11-20_01:39:43.06753 kern.err: PAX: execution attempt in: <anonymous mapping>, 5d0bc000-5d0bd000 00000000 2004-11-20_01:39:43.06756 kern.err: PAX: terminating task: /usr/bin/runsv(runsv):628, uid/euid: 0/0, PC: 5d0bcb04, SP: 5d0bc834 2004-11-20_01:39:43.06757 kern.err: PAX: bytes at PC: 58 b8 77 00 00 00 cd 80 00 00 00 00 f8 9d 04 08 38 cb 0b 5d 2004-11-20_01:39:43.06758 kern.alert: grsec: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by /usr/bin/runsv[runsv:628] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/runsvdir[runsvdir:627] uid/euid:0/0 gid/egid:0/0 2004-11-20_01:39:43.06759 kern.err: PAX: execution attempt in: <anonymous mapping>, 58ef4000-58ef6000 fffff000 2004-11-20_01:39:43.06760 kern.err: PAX: terminating task: /usr/bin/runsv(runsv):629, uid/euid: 0/0, PC: 58ef4d64, SP: 58ef4a94 2004-11-20_01:39:43.06760 kern.err: PAX: bytes at PC: 58 b8 77 00 00 00 cd 80 00 00 00 00 f8 9d 04 08 98 4d ef 58 2004-11-20_01:39:43.06761 kern.alert: grsec: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by /usr/bin/runsv[runsv:629] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/runsvdir[runsvdir:627] uid/euid:0/0 gid/egid:0/0 It only works if I selectively disable the stack protection on these programs with chpax. Vincent Danen experienced the same with OpenWall patches. http://article.gmane.org/gmane.comp.sysutils.supervision.general/666 Programs get killed when some action happens in the current program (e.g svlogd rotates the log, fnord starts a cgi, runsv sends a signal) However it is not credited (AFAIK) in the changes file Vincent said that 0.28 is fine the bug is corrected. It seems to me this is true, because after installing the most recent (0.28) version of dietlibc and building runit from (debian) sources with apt-get -b source runit. It seems to be fine. In short: it seems to me that linking it agains a newer dietlibc corrects the problem. ('seems' means I am almost sure, but not entirely sure) -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.10-cstamas Locale: LANG=C, LC_CTYPE=hu_HU.ISO-8859-2 (charmap=ISO-8859-2) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
