[EMAIL PROTECTED] wrote:
On 4 Nov 2007 at 7:53, Brian Kroth wrote:Nov 4 05:30:02 tux-mc grsec: signal 11 sent to /usr/sbin/cactid[cactid:12039] uid/euid:81/81 gid/egid:81/81, parentcan you run cactid from commandline after you increased the coredump limit (ulimit -c unlimited)? this way you'll get a coredump and can examine it in gdb (the usual stuff of bt, x/8i $pc, etc). also what were the exact PaX flags on cactid this time?
tux-mc ~ # paxctl -v /usr/sbin/cactid
PaX control v0.4
Copyright 2004,2005,2006 PaX Team <[EMAIL PROTECTED]>
- PaX flags: P-S-M--x-e-- [/usr/sbin/cactid]
PAGEEXEC is enabled
SEGMEXEC is enabled
MPROTECT is enabled
RANDEXEC is disabled
EMUTRAMP is disabled
Anyway to force a core dump? ulimit -c unlimited didn't seem to get me
anything in /tmp or cwd, which is where I expected to see them.
Nov 4 09:40:40 tux-mc Bad page state in process 'cactid'Nov 4 09:40:40 tux-mc page:c1504640 flags:0x40000001 mapping:00000000 mapcount:0 count:0
Nov 4 09:40:40 tux-mc Trying to fix it up, but a reboot is needed Nov 4 09:40:40 tux-mc Backtrace: Nov 4 09:40:40 tux-mc [<c0403e94>] show_trace_log_lvl+0x1a/0x30 Nov 4 09:40:40 tux-mc [<c0403ebc>] show_trace+0x12/0x14 Nov 4 09:40:40 tux-mc [<c0403fb6>] dump_stack+0x16/0x18 Nov 4 09:40:40 tux-mc [<c044bbd5>] bad_page+0x66/0x97 Nov 4 09:40:40 tux-mc [<c044c5c7>] free_hot_cold_page+0x71/0x176 Nov 4 09:40:40 tux-mc [<c044c6d6>] free_hot_page+0xa/0xc Nov 4 09:40:40 tux-mc [<c044f18c>] __page_cache_release+0x84/0x90 Nov 4 09:40:40 tux-mc [<c044f1f8>] put_page+0x27/0x36 Nov 4 09:40:40 tux-mc [<c0455d96>] do_wp_page+0x227/0x443 Nov 4 09:40:40 tux-mc [<c04571e3>] handle_mm_fault+0x2bc/0x2ef Nov 4 09:40:40 tux-mc [<c06f0714>] do_page_fault+0x34c/0x80a Nov 4 09:40:40 tux-mc [<c06eed65>] error_code+0x75/0x80 Nov 4 09:40:40 tux-mc =======================
Nevermind about what I said about nagios - I had put the wrong path into /etc/conf.d/chpax. The grsec messages still hold though. 2.6.23-hardened-r1 is building now with your patch. Do you want me to turn on some of the lock debugging options in debug kernel?let's try one thing at a time, first i'd just like to see my printk produce something at all ;-).
Sounds good.
smime.p7s
Description: S/MIME Cryptographic Signature
