[EMAIL PROTECTED] wrote:
On 4 Nov 2007 at 7:53, Brian Kroth wrote:

Nov 4 05:30:02 tux-mc grsec: signal 11 sent to /usr/sbin/cactid[cactid:12039] uid/euid:81/81 gid/egid:81/81, parent

can you run cactid from commandline after you increased the coredump
limit (ulimit -c unlimited)? this way you'll get a coredump and can
examine it in gdb (the usual stuff of bt, x/8i $pc, etc). also what
were the exact PaX flags on cactid this time?

tux-mc ~ # paxctl -v /usr/sbin/cactid
PaX control v0.4
Copyright 2004,2005,2006 PaX Team <[EMAIL PROTECTED]>

- PaX flags: P-S-M--x-e-- [/usr/sbin/cactid]
        PAGEEXEC is enabled
        SEGMEXEC is enabled
        MPROTECT is enabled
        RANDEXEC is disabled
        EMUTRAMP is disabled

Anyway to force a core dump? ulimit -c unlimited didn't seem to get me anything in /tmp or cwd, which is where I expected to see them.

Nov  4 09:40:40 tux-mc Bad page state in process 'cactid'
Nov 4 09:40:40 tux-mc page:c1504640 flags:0x40000001 mapping:00000000 mapcount:0 count:0
Nov  4 09:40:40 tux-mc Trying to fix it up, but a reboot is needed
Nov  4 09:40:40 tux-mc Backtrace:
Nov  4 09:40:40 tux-mc [<c0403e94>] show_trace_log_lvl+0x1a/0x30
Nov  4 09:40:40 tux-mc [<c0403ebc>] show_trace+0x12/0x14
Nov  4 09:40:40 tux-mc [<c0403fb6>] dump_stack+0x16/0x18
Nov  4 09:40:40 tux-mc [<c044bbd5>] bad_page+0x66/0x97
Nov  4 09:40:40 tux-mc [<c044c5c7>] free_hot_cold_page+0x71/0x176
Nov  4 09:40:40 tux-mc [<c044c6d6>] free_hot_page+0xa/0xc
Nov  4 09:40:40 tux-mc [<c044f18c>] __page_cache_release+0x84/0x90
Nov  4 09:40:40 tux-mc [<c044f1f8>] put_page+0x27/0x36
Nov  4 09:40:40 tux-mc [<c0455d96>] do_wp_page+0x227/0x443
Nov  4 09:40:40 tux-mc [<c04571e3>] handle_mm_fault+0x2bc/0x2ef
Nov  4 09:40:40 tux-mc [<c06f0714>] do_page_fault+0x34c/0x80a
Nov  4 09:40:40 tux-mc [<c06eed65>] error_code+0x75/0x80
Nov  4 09:40:40 tux-mc =======================


Nevermind about what I said about nagios - I had put the wrong path into /etc/conf.d/chpax. The grsec messages still hold though. 2.6.23-hardened-r1 is building now with your patch. Do you want me to turn on some of the lock debugging options in debug kernel?

let's try one thing at a time, first i'd just like to see my printk
produce something at all ;-).

Sounds good.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to