1 |
Or help me in writing a good bug-report. |
2 |
|
3 |
The problem arise when using chrooted dhcpd, and disappear in a non |
4 |
chrooted environment. |
5 |
I'm intentioned in provide a decent bug report, please suggest other |
6 |
things that can be logged and provided. |
7 |
(would be nice to avoid expose dhcpd.log.*, they contain too much data ;) |
8 |
|
9 |
Thanks in advance. |
10 |
|
11 |
Some data: |
12 |
The box in question is |
13 |
Portage 2.0.51.22-r2 (default-linux/x86/2005.0, gcc-3.4.4, |
14 |
glibc-2.3.5-r1, 2.6.11-hardened-r15 i686) |
15 |
CBUILD="i686-pc-linux-gnu" |
16 |
CFLAGS="-O2 -march=i686 -fomit-frame-pointer" |
17 |
CHOST="i686-pc-linux-gnu" |
18 |
CXXFLAGS="-O2 -march=i686 -fomit-frame-pointer" |
19 |
|
20 |
/proc/sys/kernel/grsecurity/chroot* |
21 |
chroot_findtask 1 |
22 |
chroot_deny_sysctl 1 |
23 |
chroot_caps 0 |
24 |
chroot_restrict_nice 1 |
25 |
chroot_deny_mknod 1 |
26 |
chroot_deny_chmod 0 |
27 |
chroot_enforce_chdir 1 |
28 |
chroot_deny_pivot 1 |
29 |
chroot_deny_chroot 1 |
30 |
chroot_deny_fchdir 1 |
31 |
chroot_deny_mount 1 |
32 |
chroot_deny_unix 1 |
33 |
chroot_deny_shmat 1 |
34 |
|
35 |
The script used to test the whole stuff: |
36 |
|
37 |
======================== |
38 |
#! /bin/sh |
39 |
for i in 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 |
40 |
do |
41 |
echo "======== $i ========" |
42 |
date |
43 |
/usr/sbin/dhcpd -tf /root/dhcpd.log -f -pf \ |
44 |
/var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q \ |
45 |
-chroot /chroot/dhcp lan |
46 |
#WORK WITHOUT "-chroot /chroot/dhcp lan" |
47 |
mv /root/dhcpd.log "/root/dhcpd.log.${i}" |
48 |
done |
49 |
======================== |
50 |
|
51 |
the output found in nohup.out |
52 |
|
53 |
======== 01 ======== |
54 |
Sat Jul 30 11:25:05 CEST 2005 |
55 |
./MONITOR.sh: line 2: 4112 Segmentation fault /usr/sbin/dhcpd -tf |
56 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
57 |
-chroot /chroot/dhcp lan |
58 |
======== 02 ======== |
59 |
Sat Jul 30 19:14:14 CEST 2005 |
60 |
./MONITOR.sh: line 2: 13176 Segmentation fault /usr/sbin/dhcpd -tf |
61 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
62 |
-chroot /chroot/dhcp lan |
63 |
======== 03 ======== |
64 |
Sun Jul 31 07:40:33 CEST 2005 |
65 |
./MONITOR.sh: line 2: 23751 Segmentation fault /usr/sbin/dhcpd -tf |
66 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
67 |
-chroot /chroot/dhcp lan |
68 |
======== 04 ======== |
69 |
Sun Jul 31 08:50:41 CEST 2005 |
70 |
./MONITOR.sh: line 2: 3749 Segmentation fault /usr/sbin/dhcpd -tf |
71 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
72 |
-chroot /chroot/dhcp lan |
73 |
======== 05 ======== |
74 |
Mon Aug 1 07:40:24 CEST 2005 |
75 |
./MONITOR.sh: line 2: 22007 Segmentation fault /usr/sbin/dhcpd -tf |
76 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
77 |
-chroot /chroot/dhcp lan |
78 |
======== 06 ======== |
79 |
Mon Aug 1 08:50:07 CEST 2005 |
80 |
./MONITOR.sh: line 2: 27114 Segmentation fault /usr/sbin/dhcpd -tf |
81 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
82 |
-chroot /chroot/dhcp lan |
83 |
======== 07 ======== |
84 |
Mon Aug 1 11:02:42 CEST 2005 |
85 |
./MONITOR.sh: line 2: 27055 Segmentation fault /usr/sbin/dhcpd -tf |
86 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
87 |
-chroot /chroot/dhcp lan |
88 |
======== 08 ======== |
89 |
Mon Aug 1 13:34:54 CEST 2005 |
90 |
./MONITOR.sh: line 2: 12301 Segmentation fault /usr/sbin/dhcpd -tf |
91 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
92 |
-chroot /chroot/dhcp lan |
93 |
======== 09 ======== |
94 |
Mon Aug 1 14:41:19 CEST 2005 |
95 |
./MONITOR.sh: line 2: 3582 Segmentation fault /usr/sbin/dhcpd -tf |
96 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
97 |
-chroot /chroot/dhcp lan |
98 |
======== 10 ======== |
99 |
Tue Aug 2 07:40:15 CEST 2005 |
100 |
./MONITOR.sh: line 2: 12482 Segmentation fault /usr/sbin/dhcpd -tf |
101 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
102 |
-chroot /chroot/dhcp lan |
103 |
======== 11 ======== |
104 |
Tue Aug 2 08:50:39 CEST 2005 |
105 |
./MONITOR.sh: line 2: 31447 Segmentation fault /usr/sbin/dhcpd -tf |
106 |
/root/dhcpd.log -f -pf /var/run/dhcp/dhcpd.pid -user dhcp -group dhcp -q |
107 |
-chroot /chroot/dhcp lan |
108 |
[snip] |
109 |
|
110 |
entry in dhcpd.conf |
111 |
======= |
112 |
subnet 1.2.3.0 netmask 255.255.255.0 { |
113 |
range 1.2.3.130 1.2.3.170; |
114 |
option domain-name-servers 1.2.3.1, 1.2.3.2; |
115 |
option ntp-servers 1.2.3.1, 1.2.3.2; |
116 |
option domain-name "example.it"; |
117 |
option routers 1.2.3.1; |
118 |
option broadcast-address 1.2.3.255; |
119 |
default-lease-time 172800; |
120 |
max-lease-time 345600; |
121 |
} |
122 |
======= |
123 |
|
124 |
The clients are win 2000 |
125 |
|
126 |
-- |
127 |
gentoo-hardened@g.o mailing list |