Page 1 of 1

Something breaking Perl/CPAN

PostPosted: Tue Mar 26, 2002 1:34 am
by amadei
Hey everyone.

I'm still new to this grsecurity stuff, so pardon my ignorance if this is an easy one.

I have grsecurity 1.9.4-2.4.18, with pretty much everything enabled, and for most
of my Slackware 8.0 systems, this has been fine.

However, one of my latest is having problems when I try to have Perl use the CPAN
archive to install packages. The problem is I'm not sure which grsecurity feature is
killing it. I just get a Segmentation Fault, and a

grsec: signal 11 send to (perl:5046) UID(0) EUID(0), parent (bash:29939) UID(0) EUID(0)"

in my logs. This happens right after Zlib (yes, I upgraded to 1.1.4) loads after a
"install" command.

Looking at a strace shows these events leading to the segfault:

old_mmap(NULL,4096, PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)=0x2da000
read(6,"\37\213\10\0\0027\237<\2\3\244\375\331\222\343J\226-\200"..., 16384)=16384
_llseek(6,0,[16384],SEEK_CUR)=0
--- SIGSEGV ---

I'm really not sure what would be tripping grsec, but it's probably obvious to everyone else.

Any help would be appreciated.

hmm

PostPosted: Tue Mar 26, 2002 8:35 am
by spender
are you sure it's related to grsecurity? if grsecurity was stopping your program from doing something, it would notify you in a log. The signal log that you see is just showing you that the program caused a segmentation fault, which is due to an error in the programming of the application you were trying to run.

PostPosted: Tue Mar 26, 2002 11:32 pm
by amadei
Hmmm.... I just compiled a new kernel with no GRSecurity, and it still doesn't work...

I guess you're off the hook. :D

I manage about 25 different boxes, all Slack-based but they all are roughly the same
code. This one has three twins, but the one difference was 2.4.18/GRSec 1.9.4 without
SYSCTL... the others are 2.4.17/GRSec 1.9.3a with SYSCTL. The CPAN/Perl script
works fine on the others, and since GRSec logged the signal 11 line, I thought it was the cause.

Barking up the wrong tree... of course, I'm not sure which tree to try next. :D

Well, thanks anyway. And thanks for the most kick-ass kernel mod I've ever seen.
GRSec RULES!

PostPosted: Wed Mar 27, 2002 12:44 pm
by wschlich
sysctl? I recently trapped on sysctl defaulting to disable all grsec-options... :-)