1 |
Hmm... I've had a search of the forums. People have been having similar |
2 |
problems, but not the same as mine. Seems there's a problem with the |
3 |
Borland compiler (which I assume the binary was compiled with) and it |
4 |
putting code into the .data section. However I have played with chpax |
5 |
and paxctl (for paxctl I had to convert the binary, since it didn't have |
6 |
a pax header). It seems turning protections on/off made no difference, |
7 |
it still dies at the same point with the same error. I tried diff'ing |
8 |
the different strace outputs, the only thing that seemed to change were |
9 |
memory addresses (as I would expect with random memory layout). |
10 |
|
11 |
I'm new to this level of playing with binaries, so excuse me if anything |
12 |
above doesn't make sense. |
13 |
|
14 |
Shawn |
15 |
|
16 |
John Schember wrote: |
17 |
> You don't need to open a bug report for this. It is unique to your |
18 |
> setup. You are no doubt using PAX in your kernel. There are known issues |
19 |
> with Team Speak and PAX. Simply use the chpax utility on the app to |
20 |
> allow it some leeway. Searched http://forum.goteamspeak.com/ for PAX a |
21 |
> number of people have run into this problem and there are solutions. I'm |
22 |
> pointing you there because I can't comment on which is the best. |
23 |
> |
24 |
> John Schember |
25 |
> |
26 |
> |
27 |
> On Mon, 2007-01-08 at 11:17 +1030, Shawn Haggett wrote: |
28 |
>> I've recently tried to install teamspeak2-server-bin onto my hardened |
29 |
>> gentoo server. However everytime I attempt to start it, the process dies |
30 |
>> with a segfault. |
31 |
>> |
32 |
>> I thought I would post here first, to see if anyone has any ideas, |
33 |
>> before I go opening a bug. |
34 |
>> |
35 |
>> emerge --info output: |
36 |
>> |
37 |
>> Portage 2.1.1-r2 (hardened/x86/2.6, gcc-3.4.6, glibc-2.3.6-r5, |
38 |
>> 2.6.17-hardened-r1 i686) |
39 |
>> ================================================================= |
40 |
>> System uname: 2.6.17-hardened-r1 i686 Intel(R) Pentium(R) 4 CPU 3.00GHz |
41 |
>> Gentoo Base System version 1.12.6 |
42 |
>> Last Sync: Sun, 07 Jan 2007 16:30:01 +0000 |
43 |
>> app-admin/eselect-compiler: [Not Present] |
44 |
>> dev-java/java-config: 1.3.7, 2.0.31 |
45 |
>> dev-lang/python: 2.4.3-r4 |
46 |
>> dev-python/pycrypto: 2.0.1-r5 |
47 |
>> dev-util/ccache: [Not Present] |
48 |
>> dev-util/confcache: [Not Present] |
49 |
>> sys-apps/sandbox: 1.2.17 |
50 |
>> sys-devel/autoconf: 2.13, 2.61 |
51 |
>> sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 |
52 |
>> sys-devel/binutils: 2.16.1-r3 |
53 |
>> sys-devel/gcc-config: 1.3.14 |
54 |
>> sys-devel/libtool: 1.5.22 |
55 |
>> virtual/os-headers: 2.6.17-r2 |
56 |
>> ACCEPT_KEYWORDS="x86" |
57 |
>> AUTOCLEAN="yes" |
58 |
>> CBUILD="i686-pc-linux-gnu" |
59 |
>> CFLAGS="-march=pentium4 -O2 -pipe" |
60 |
>> CHOST="i686-pc-linux-gnu" |
61 |
>> CONFIG_PROTECT="/etc /usr/share/X11/xkb /var/bind" |
62 |
>> CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf |
63 |
>> /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c" |
64 |
>> CXXFLAGS="-march=pentium4 -O2 -pipe" |
65 |
>> DISTDIR="/usr/portage/distfiles" |
66 |
>> FEATURES="autoconfig distlocks fixpackages metadata-transfer |
67 |
>> parallel-fetch sandbox sfperms strict userpriv" |
68 |
>> GENTOO_MIRRORS="ftp://mirror.internode.on.net/pub/gentoo |
69 |
>> http://distfiles.gentoo.org |
70 |
>> http://www.ibiblio.org/pub/Linux/distributions/gentoo" |
71 |
>> MAKEOPTS="-j4" |
72 |
>> PKGDIR="/usr/portage/packages" |
73 |
>> PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times |
74 |
>> --compress --force --whole-file --delete --delete-after --stats |
75 |
>> --timeout=180 --exclude='/distfiles' --exclude='/local' |
76 |
>> --exclude='/packages'" |
77 |
>> PORTAGE_TMPDIR="/var/tmp" |
78 |
>> PORTDIR="/usr/portage" |
79 |
>> PORTDIR_OVERLAY="/usr/local/portage" |
80 |
>> SYNC="rsync://speedy.podgeweb.com/gentoo-portage" |
81 |
>> USE="X acpi alsa_pcm_plugins_adpcm alsa_pcm_plugins_alaw |
82 |
>> alsa_pcm_plugins_asym alsa_pcm_plugins_copy alsa_pcm_plugins_dmix |
83 |
>> alsa_pcm_plugins_dshare alsa_pcm_plugins_dsnoop alsa_pcm_plugins_empty |
84 |
>> alsa_pcm_plugins_extplug alsa_pcm_plugins_file alsa_pcm_plugins_hooks |
85 |
>> alsa_pcm_plugins_iec958 alsa_pcm_plugins_ioplug alsa_pcm_plugins_ladspa |
86 |
>> alsa_pcm_plugins_lfloat alsa_pcm_plugins_linear alsa_pcm_plugins_meter |
87 |
>> alsa_pcm_plugins_mulaw alsa_pcm_plugins_multi alsa_pcm_plugins_null |
88 |
>> alsa_pcm_plugins_plug alsa_pcm_plugins_rate alsa_pcm_plugins_route |
89 |
>> alsa_pcm_plugins_share alsa_pcm_plugins_shm alsa_pcm_plugins_softvol |
90 |
>> apache2 async authdaemond authfile automount bash-completion berkdb |
91 |
>> big-tables bitmap-fonts bzip2 chroot cli courier crypt curl dba |
92 |
>> discard-path dlloader elibc_glibc enscript exif expat extraengine fam |
93 |
>> fix-connected-rt force-cgi-redirect ftp gd gdbm gif gmp hardened idn |
94 |
>> imap innodb input_devices_keyboard input_devices_mouse java jce jpeg |
95 |
>> kernel_linux lcms maildir mhash mime mmap mmx mpm-worker mysql mysqli |
96 |
>> nagios-dns nagios-ntp nagios-ssh ncurses nptl nptlonly offensive pam |
97 |
>> pcre pdf perl php pic png postfix python readline reflection samba sasl |
98 |
>> sensord session sockets spell spl sse sse2 ssl symlink sysfs syslog |
99 |
>> tcltk tcpd test tetex threads tiff tokenizer toolbar truetype |
100 |
>> userland_GNU userlocales vhosts vim-with-x x86 xinerama xml xorg xpm zip |
101 |
>> zlib" |
102 |
>> Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, |
103 |
>> LDFLAGS, LINGUAS, PORTAGE_RSYNC_EXTRA_OPTS |
104 |
>> |
105 |
>> |
106 |
>> After checking the init script for teamspeak, I ran it with the |
107 |
>> following command line: |
108 |
>> strace -oteamspeak-trace.txt /opt/teamspeak2-server/server_linux \ |
109 |
>> -db=/var/lib/teamspeak2-server/server.dbs \ |
110 |
>> -ini=/var/lib/teamspeak2-server/server.ini \ |
111 |
>> -log=/var/log/teamspeak2-server/server.log \ |
112 |
>> -pid=/var/run/teamspeak2-server/server.pid \ |
113 |
>> -sql=/opt/teamspeak2-server/sql/ \ |
114 |
>> -tcpquerydocs=/opt/teamspeak2-server/tcpquerydocs \ |
115 |
>> -httpdocs=/opt/teamspeak2-server/http/ |
116 |
>> |
117 |
>> The trace file is attached. It's rather short. My guess is that the |
118 |
>> mmap2 call on the second to last line, which returns 0, is to blame. |
119 |
>> However if anyone can shed some light on why this is happening and how |
120 |
>> to work around it, that would be great. |
121 |
>> |
122 |
>> Shawn |
123 |
>> plain text document attachment (teamspeak-trace.txt) |
124 |
>> execve("/opt/teamspeak2-server/server_linux", ["/opt/teamspeak2-server/server_li"..., "-db=/var/lib/teamspeak2-server/s"..., "-ini=/var/lib/teamspeak2-server/"..., "-log=/var/log/teamspeak2-server/"..., "-pid=/var/run/teamspeak2-server/"..., "-sql=/opt/teamspeak2-server/sql/"..., "-tcpquerydocs=/opt/teamspeak2-se"..., "-httpdocs=/opt/teamspeak2-server"...], [/* 44 vars */]) = 0 |
125 |
>> uname({sys="Linux", node="speedy", ...}) = 0 |
126 |
>> brk(0) = 0x823783c |
127 |
>> access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) |
128 |
>> open("/etc/ld.so.cache", O_RDONLY) = 3 |
129 |
>> fstat64(3, {st_mode=S_IFREG|0644, st_size=63665, ...}) = 0 |
130 |
>> mmap2(NULL, 63665, PROT_READ, MAP_PRIVATE, 3, 0) = 0x4e63b000 |
131 |
>> close(3) = 0 |
132 |
>> open("/lib/libpthread.so.0", O_RDONLY) = 3 |
133 |
>> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\334H\0"..., 512) = 512 |
134 |
>> fstat64(3, {st_mode=S_IFREG|0755, st_size=104800, ...}) = 0 |
135 |
>> mmap2(NULL, 69848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4e629000 |
136 |
>> madvise(0x4e629000, 69848, MADV_SEQUENTIAL|0x1) = 0 |
137 |
>> mmap2(0x4e637000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd) = 0x4e637000 |
138 |
>> mmap2(0x4e639000, 4312, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4e639000 |
139 |
>> close(3) = 0 |
140 |
>> open("/lib/libdl.so.2", O_RDONLY) = 3 |
141 |
>> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\v\0"..., 512) = 512 |
142 |
>> fstat64(3, {st_mode=S_IFREG|0755, st_size=10512, ...}) = 0 |
143 |
>> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4e628000 |
144 |
>> mmap2(NULL, 12332, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4e624000 |
145 |
>> madvise(0x4e624000, 12332, MADV_SEQUENTIAL|0x1) = 0 |
146 |
>> mmap2(0x4e626000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0x4e626000 |
147 |
>> close(3) = 0 |
148 |
>> open("/lib/libc.so.6", O_RDONLY) = 3 |
149 |
>> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\326O\1"..., 512) = 512 |
150 |
>> fstat64(3, {st_mode=S_IFREG|0755, st_size=1220520, ...}) = 0 |
151 |
>> mmap2(NULL, 1150108, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4e50b000 |
152 |
>> madvise(0x4e50b000, 1150108, MADV_SEQUENTIAL|0x1) = 0 |
153 |
>> mmap2(0x4e61e000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x113) = 0x4e61e000 |
154 |
>> mmap2(0x4e622000, 7324, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4e622000 |
155 |
>> close(3) = 0 |
156 |
>> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4e50a000 |
157 |
>> mprotect(0x4e61e000, 4096, PROT_READ) = 0 |
158 |
>> mprotect(0x4e626000, 4096, PROT_READ) = 0 |
159 |
>> mprotect(0x4e637000, 4096, PROT_READ) = 0 |
160 |
>> mprotect(0x4e661000, 4096, PROT_READ) = 0 |
161 |
>> set_thread_area({entry_number:-1 -> 6, base_addr:0x4e50a6b0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 |
162 |
>> munmap(0x4e63b000, 63665) = 0 |
163 |
>> set_tid_address(0x4e50a6f8) = 21183 |
164 |
>> rt_sigaction(SIGRTMIN, {0x4e62d424, [], SA_RESTORER|SA_SIGINFO, 0x4e634490}, NULL, 8) = 0 |
165 |
>> rt_sigaction(SIGRT_1, {0x4e62d498, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x4e634490}, NULL, 8) = 0 |
166 |
>> rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 |
167 |
>> getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0 |
168 |
>> _sysctl({{CTL_KERN, KERN_VERSION}, 2, 0x5c311f6c, 35, (nil), 0}) = 0 |
169 |
>> open("/dev/urandom", O_RDONLY) = 3 |
170 |
>> read(3, "\4\344\344\205", 4) = 4 |
171 |
>> close(3) = 0 |
172 |
>> futex(0x4e627028, FUTEX_WAKE, 2147483647) = 0 |
173 |
>> brk(0) = 0x823783c |
174 |
>> brk(0x825883c) = 0x825883c |
175 |
>> brk(0x8259000) = 0x8259000 |
176 |
>> open("/opt/teamspeak2-server/server_linux", O_RDONLY) = 3 |
177 |
>> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\f\0\2\0\3\0\1\0\0\0\0206\5"..., 512) = 512 |
178 |
>> fstat64(3, {st_mode=S_IFREG|0755, st_size=945552, ...}) = 0 |
179 |
>> close(3) = 0 |
180 |
>> open("/opt/teamspeak2-server/server_linux", O_RDONLY) = 3 |
181 |
>> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\f\0\2\0\3\0\1\0\0\0\0206\5"..., 512) = 512 |
182 |
>> fstat64(3, {st_mode=S_IFREG|0755, st_size=945552, ...}) = 0 |
183 |
>> close(3) = 0 |
184 |
>> futex(0x822f45c, FUTEX_WAKE, 2147483647) = 0 |
185 |
>> dup(1) = 3 |
186 |
>> fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) |
187 |
>> fstat64(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 2), ...}) = 0 |
188 |
>> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4e64a000 |
189 |
>> _llseek(3, 0, 0x5c311e58, SEEK_CUR) = -1 ESPIPE (Illegal seek) |
190 |
>> mmap2(NULL, 65535, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, 0, 0) = 0 |
191 |
>> readlink("/proc/self/exe", "/opt/teamspeak2-server/server_linux", 4096) = 35 |
192 |
>> --- SIGSEGV (Segmentation fault) @ 0 (0) --- |
193 |
>> +++ killed by SIGSEGV +++ |
194 |
> |
195 |
|
196 |
-- |
197 |
gentoo-hardened@g.o mailing list |