| 1 |
I have a Xen guest which is having problems with nginx and grsec. |
| 2 |
Worker processes for nginx fail when HTTP requests are made. |
| 3 |
|
| 4 |
Each request leaves messages much like these: |
| 5 |
[ 800.424417] nginx[7540]: segfault at 8 ip 00000c513b8ba644 sp |
| 6 |
00007138a2675300 error 4 in nginx[c513b882000+f0000] |
| 7 |
[ 800.424428] grsec: From 202.76.166.249: Segmentation fault occurred |
| 8 |
at 0000000000000008 in /usr/sbin/nginx[nginx:7540] uid/euid:102/102 |
| 9 |
gid/egid:247/247, parent /usr/sbin/nginx[nginx:7389] uid/euid:0/0 |
| 10 |
gid/egid:0/0 |
| 11 |
[ 800.424435] grsec: From 202.76.166.249: bruteforce prevention |
| 12 |
initiated for the next 30 minutes or until service restarted, stalling |
| 13 |
each fork 30 seconds. Please investigate the crash report for |
| 14 |
/usr/sbin/nginx[nginx:7540] uid/euid:102/102 gid/egid:247/247, parent |
| 15 |
/usr/sbin/nginx[nginx:7389] uid/euid:0/0 gid/egid:0/0 |
| 16 |
[ 800.424441] grsec: From 202.76.166.249: denied resource overstep by |
| 17 |
requesting 4096 for RLIMIT_CORE against limit 0 for |
| 18 |
/usr/sbin/nginx[nginx:7540] uid/euid:102/102 gid/egid:247/247, parent |
| 19 |
/usr/sbin/nginx[nginx:7389] uid/euid:0/0 gid/egid:0/0 |
| 20 |
|
| 21 |
It would be great if someone could tell me what sysctl options or |
| 22 |
kernel options I can change to fix this in the short term. It might |
| 23 |
take me a while to understand the problem better and it would be good |
| 24 |
to have the system running. |
| 25 |
|
| 26 |
This system has changed recently from a VirtualBox guest to being a |
| 27 |
Xen guest. So the kernel is built differently, I am using the |
| 28 |
grsecurity defaults for a Xen guest with performance priorities. It |
| 29 |
ran fine as a VirtualBox guest. |
| 30 |
|
| 31 |
Let me know if you need more info. |
| 32 |
|
| 33 |
-- |
| 34 |
www.johntate.org |
Archives