Gentoo Archives: gentoo-hardened

From:	pageexec@××××××××.hu
To:	gentoo-hardened@l.g.o
Subject:	Re: [gentoo-hardened] RLIMIT_MEMLOCK but can't paxctl -m
Date:	Sun, 25 Jan 2009 19:04:21
Message-Id:	`497CB788.7540.5BFD86B@pageexec.freemail.hu`
In Reply to:	[gentoo-hardened] RLIMIT_MEMLOCK but can't paxctl -m by Grant

1	On 25 Jan 2009 at 7:12, Grant wrote:
2
3	> I'm getting:
4	>
5	> grsec: denied resource overstep by requesting 135168 for
6	> RLIMIT_MEMLOCK against limit 32768 for
7	> /usr/bin/miro.real[miro.real:12965] uid/euid:1000/1000
8	> gid/egid:100/100, parent /usr/bin/miro[miro:12964] uid/euid:1000/1000
9	> gid/egid:100/100
10	>
11	> but both 'paxctl -m /usr/bin/miro' and 'paxctl -m /usr/bin/miro.real'
12	> return "file is not a valid ELF executable". Am I using the wrong
13	> command?
14
15	pax has nothing to do with such resource limits so paxctl won't 'fix'
16	them ;). 'man 1 bash' is your friend and look for 'ulimit' in there.

Subject	Author
Re: [gentoo-hardened] RLIMIT_MEMLOCK but can't paxctl -m	Grant <emailgrant@×××××.com>