qmail problem

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

qmail problem

Postby zorgin » Sat May 17, 2003 9:41 pm

Hi there. i have a problem (quite obvious ehh?) anyways.

I've instlaled a virus scanner/filter for qmail called qscan which uses a tool called sweep(the actuall scanner) and when its trying to scan the mail the log spits this out.


@400000003ec6e5411d5aabdc /usr/local/bin/sweep: error while loading shared libraries: failed to map segment from shared object: cannot load shared object file: Cannot allocate memory

i saw a simillar problem on tcpserver(with qmail) and how you guys fixed it so i tryed the same thing (chpax -s /usr/local/bin/sweep) but that didnt help.
Any help would be appretiated.
zorgin
 
Posts: 6
Joined: Sun Mar 30, 2003 12:49 am

Re: qmail problem

Postby PaX Team » Sun May 18, 2003 4:31 am

zorgin wrote:@400000003ec6e5411d5aabdc /usr/local/bin/sweep: error while loading shared libraries: failed to map segment from shared object: cannot load shared object file: Cannot allocate memory
i take it that you enabled NOELFRELOCS in the kernel config but didn't actually make sure that all of your ELF libraries were PIC :-). the proper solution would be to find the offending library (e.g., via strace) and recompile it with -fPIC, or as a quick 'solution' you can disable MPROTECT on it (chpax -m).
i saw a simillar problem on tcpserver(with qmail) and how you guys fixed it so i tryed the same thing (chpax -s /usr/local/bin/sweep) but that didnt help.
if you enabled PAGEEXEC in the kernel config, then you'd have to disable that as well via chpax -p (that is, if you walk this way and want to disable all of the non-executable page features).
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Postby zorgin » Sun May 18, 2003 9:10 am

Heya. thanks for responding.. however i tryed to do as you said. did the chpax on both sweep and the libs its using.. no good. also tryed to disable mprotect (just to see if it would work) but no change at all.
it spit out the same error in the log so i have no clue on why it would not work.
Yes im kinda new into this sort of stuff so bare with me please :)
zorgin
 
Posts: 6
Joined: Sun Mar 30, 2003 12:49 am

Postby PaX Team » Mon May 19, 2003 10:27 am

zorgin wrote:Heya. thanks for responding.. however i tryed to do as you said. did the chpax on both sweep and the libs its using.. no good. also tryed to disable mprotect (just to see if it would work) but no change at all. it spit out the same error in the log so i have no clue on why it would not work.
ok, my mistake, i didn't fully read the error message and thought it was the usual problem with someone having enabled NOELFRELOCS without having verified all .so files, but that's not the case. rather, it seems 'sweep' needs a library that's too big (or would at least exceed RLIMIT_AS). what you should do is run 'sweep' through 'strace' and check the output, towards the end you should see a mmap() call that fails, then look back and you will find which library was going to be mapped, that's the problem. also verify your address space limit ('ulimit -d -v'), probably it's set too low.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Postby zorgin » Mon May 19, 2003 5:16 pm

Okay.. after checking the ulimit -d -v im getting even more confused :p
see for yourself

root@arcanos:~/qscan-1.5/src# ulimit -d -v
data seg size (kbytes) unlimited
virtual memory (kbytes) unlimited

i dunno this might be right or wrong you tell me :)

anyways since its when sweep is used by qscan it flips out i'm gonna have to dig throu some of the source of qscan to see what args it uses on sweep unless you know a easier way to check this..?
zorgin
 
Posts: 6
Joined: Sun Mar 30, 2003 12:49 am

Postby PaX Team » Wed May 21, 2003 10:02 am

zorgin wrote:root@arcanos:~/qscan-1.5/src# ulimit -d -v
data seg size (kbytes) unlimited
virtual memory (kbytes) unlimited

i dunno this might be right or wrong you tell me :)
it just means that in a normal shell these resource limits cannot be a problem, so something must explicitly override them for qscan/sweep (could be explicit setrlimit() calls but i saw nothing like that in the source code or maybe your PAM configuration). the only similar issue i found is http://forums.grsecurity.net/viewtopic.php?t=158 but that should have been resolved last year.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Postby zorgin » Thu May 22, 2003 5:00 am

Yea i know.. i did try to do what fixed the problem on my machine but nothing helped.. so i dunno what to do next..
zorgin
 
Posts: 6
Joined: Sun Mar 30, 2003 12:49 am

Postby daimonic » Thu Jun 26, 2003 10:32 am

Any chance you're using softlimit? If you are and its reached the max.
allowance it will give you that error.
daimonic
 
Posts: 1
Joined: Thu Jun 26, 2003 10:30 am


Return to grsecurity support

cron