| 1 |
On 05/09/2014 13:46, "Tóth Attila" wrote: |
| 2 |
> 2014.Május 9.(P) 17:39 időpontban Michael Orlitzky ezt írta: |
| 3 |
>> On 05/09/2014 11:29 AM, Mark Gomersbach wrote: |
| 4 |
>>> Maybe a bug somewhere else too, which combination kernel/grsec/pax was |
| 5 |
>>> used? |
| 6 |
>>> |
| 7 |
>> |
| 8 |
>> Whatever came with sys-kernel/hardened-sources-3.11.7-r1: |
| 9 |
>> |
| 10 |
>> # uname -a |
| 11 |
>> Linux mmmc2 3.11.7-hardened-r1 #1 SMP Fri Jan 3 23:13:48 EST 2014 |
| 12 |
>> x86_64 Intel(R) Xeon(R) CPU 5160 @ 3.00GHz GenuineIntel GNU/Linux |
| 13 |
>> |
| 14 |
>> Here's the hardened portion of the kernel .config for the web server |
| 15 |
>> that blew up today. The config for the mail server should be almost |
| 16 |
>> identical. I maintain the kernel configs for different hardware in |
| 17 |
>> different repos, but unless I've made a mistake, the hardening options |
| 18 |
>> should be the same. |
| 19 |
>> |
| 20 |
> |
| 21 |
> I encourage you to upgrade your kernel to the latest available in the |
| 22 |
> tree. Even if its keyworded currently. Such things pop up sometimes, come |
| 23 |
> and go. Grsec/PaX developers (spender/pipacs/ephox) fixes most of these |
| 24 |
> pretty quickly. I would also check out grsecurity support forums. |
| 25 |
|
| 26 |
I think I ran into this, too, in 3.11. It takes a few days of uptime before |
| 27 |
it happens. Running 3.13.x now on my x64 machine and haven't ran into it |
| 28 |
again. So I second the suggestion to upgrade your kernel. |
| 29 |
|
| 30 |
-- |
| 31 |
Joshua Kinard |
| 32 |
Gentoo/MIPS |
| 33 |
kumba@g.o |
| 34 |
4096R/D25D95E3 2011-03-28 |
| 35 |
|
| 36 |
"The past tempts us, the present confuses us, the future frightens us. And |
| 37 |
our lives slip away, moment by moment, lost in that vast, terrible in-between." |
| 38 |
|
| 39 |
--Emperor Turhan, Centauri Republic |
Archives