======================
(I may change the title later if I get to understand more in depth the issue.)
I have an occurence like this each 1hour 10min. It's been so for more than a day now (but I couldn't report earlier):
- Code: Select all
Jan 31 11:22:04 g0n postfix/qmgr[2736]: A415438092E: from=<miro.FAKE@zg.ht.hr>, size=1953, nrcpt=1 (queue active)
Jan 31 11:22:04 g0n kernel: [104182.533886] grsec: exec of /usr/libexec/postfix/trivial-rewrite (trivial-rewrite -n rewrite -t unix -u -D ) by /usr/libexec/postfix/trivial-rewrite[master:20603] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/postfix/master[master:2734] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:04 g0n postfix/trivial-rewrite[20603]: running: PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;?echo where) | gdb /usr/libexec/postfix/trivial-rewrite 20603 2>&1?>/etc/postfix/trivial-rewrite.20603.log & sleep 5
Jan 31 11:22:04 g0n kernel: [104182.541484] grsec: exec of /bin/bash (sh -c PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; echo where) | gdb /usr/libexec/postfix/trivial-rewrite 20603 2) by /bin/bash[trivial-rewrite:20605] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/postfix/trivial-rewrite[trivial-rewrite:20603] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:04 g0n kernel: [104182.543763] grsec: exec of /bin/sleep (sleep 5 ) by /bin/sleep[sh:20608] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:20605] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:04 g0n kernel: [104182.544128] grsec: exec of /usr/bin/gdb (gdb /usr/libexec/postfix/trivial-rewrite 20603 ) by /usr/bin/gdb[sh:20607] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:20605] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:04 g0n kernel: [104182.554031] grsec: exec of /usr/bin/iconv (iconv -l ) by /usr/bin/iconv[gdb:20609] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:20607] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:04 g0n kernel: [104182.582967] grsec: process /usr/libexec/postfix/trivial-rewrite(trivial-rewrite:20603) attached to via ptrace by /usr/bin/gdb[gdb:20607] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:20605] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:04 g0n kernel: [104182.587538] PAX: execution attempt in: <anonymous mapping>, 2e72ae02000-2e72ae05000 2e72ae02000
Jan 31 11:22:04 g0n kernel: [104182.587553] PAX: terminating task: /usr/bin/gdb(gdb):20612, uid/euid: 0/0, PC: 000002e72ae02000, SP: 000003c67b8da300
Jan 31 11:22:04 g0n kernel: [104182.587562] PAX: bytes at PC: cc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 31 11:22:04 g0n kernel: [104182.587596] PAX: bytes at SP-8: 000002e72ae02000 000000166fa61ec0 be59ba04f5c2c100 000000166f42e0e0 000000166fa62000 000000166fa61ec0 00000016712c0d70 000000166f42e0e0 0000000000000000 000003c67b8da3d0 000000166f3d99a1
Jan 31 11:22:04 g0n kernel: [104182.587648] grsec: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/bin/gdb[gdb:20612] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:20607] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:04 g0n kernel: [104182.587683] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/gdb[gdb:20612] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:20607] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n kernel: [104187.548775] grsec: chdir to /var/spool/postfix by /usr/libexec/postfix/trivial-rewrite[trivial-rewrite:20603] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/postfix/master[master:2734] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n kernel: [104187.551995] grsec: exec of /usr/libexec/postfix/smtp (smtp -t unix -u -D ) by /usr/libexec/postfix/smtp[master:20613] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/postfix/master[master:2734] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n postfix/smtp[20613]: running: PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;?echo where) | gdb /usr/libexec/postfix/smtp 20613 2>&1?>/etc/postfix/smtp.20613.log & sleep 5
Jan 31 11:22:09 g0n kernel: [104187.563932] grsec: exec of /bin/bash (sh -c PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; echo where) | gdb /usr/libexec/postfix/smtp 20613 2>&1 >/etc/p) by /bin/bash[smtp:20614] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/postfix/smtp[smtp:20613] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n kernel: [104187.571133] grsec: exec of /bin/sleep (sleep 5 ) by /bin/sleep[sh:20617] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:20614] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n kernel: [104188.127503] grsec: exec of /usr/bin/gdb (gdb /usr/libexec/postfix/smtp 20613 ) by /usr/bin/gdb[sh:20616] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:20614] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n kernel: [104188.139433] grsec: exec of /usr/bin/iconv (iconv -l ) by /usr/bin/iconv[gdb:20618] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:20616] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n kernel: [104188.170455] grsec: process /usr/libexec/postfix/smtp(smtp:20613) attached to via ptrace by /usr/bin/gdb[gdb:20616] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:20614] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n kernel: [104188.175664] PAX: execution attempt in: <anonymous mapping>, 29549134000-29549137000 29549134000
Jan 31 11:22:09 g0n kernel: [104188.175678] PAX: terminating task: /usr/bin/gdb(gdb):20621, uid/euid: 0/0, PC: 0000029549134000, SP: 000003ce2e83d2f0
Jan 31 11:22:09 g0n kernel: [104188.175687] PAX: bytes at PC: cc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 31 11:22:09 g0n kernel: [104188.175721] PAX: bytes at SP-8: 0000029549134000 0000004e8f2b9ec0 bb8fa1bfa09e5600 0000004e8ec860e0 0000004e8f2ba000 0000004e8f2b9ec0 0000004e8ffa5e20 0000004e8ec860e0 0000000000000000 000003ce2e83d3c0 0000004e8ec319a1
Jan 31 11:22:09 g0n kernel: [104188.175770] grsec: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/bin/gdb[gdb:20621] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:20616] uid/euid:0/0 gid/egid:0/0
Jan 31 11:22:09 g0n kernel: [104188.175805] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/gdb[gdb:20621] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:20616] uid/euid:0/0 gid/egid:0/0
At first these occurences made me worry, but after a lot of analysis of logs, packet capture, comparison with my master air-gapped Gentoo system of this cloned system for occasional thoroughly analyzed online time, and seeking of probable causes, I believe it is down to the gdb, some lack of support in gdb for hardening. I believe it is the cause of the "brute prevention initiated" as the log says.
My Grsec-hardened Gentoo has most of the hardening options set. Here is the Grsecurity configuration from my config-3.17.6-hardened:
- Code: Select all
# Grsecurity
#
CONFIG_PAX_KERNEXEC_PLUGIN=y
CONFIG_PAX_PER_CPU_PGD=y
CONFIG_TASK_SIZE_MAX_SHIFT=42
CONFIG_PAX_USERCOPY_SLABS=y
CONFIG_GRKERNSEC=y
# CONFIG_GRKERNSEC_CONFIG_AUTO is not set
CONFIG_GRKERNSEC_CONFIG_CUSTOM=y
CONFIG_GRKERNSEC_TPE_UNTRUSTED_GID=100
CONFIG_GRKERNSEC_SYMLINKOWN_GID=1006
#
# Customize Configuration
#
#
# PaX
#
CONFIG_PAX=y
#
# PaX Control
#
# CONFIG_PAX_SOFTMODE is not set
# CONFIG_PAX_PT_PAX_FLAGS is not set
CONFIG_PAX_XATTR_PAX_FLAGS=y
CONFIG_PAX_NO_ACL_FLAGS=y
# CONFIG_PAX_HAVE_ACL_FLAGS is not set
# CONFIG_PAX_HOOK_ACL_FLAGS is not set
#
# Non-executable pages
#
CONFIG_PAX_NOEXEC=y
CONFIG_PAX_PAGEEXEC=y
CONFIG_PAX_EMUTRAMP=y
CONFIG_PAX_MPROTECT=y
# CONFIG_PAX_MPROTECT_COMPAT is not set
# CONFIG_PAX_ELFRELOCS is not set
CONFIG_PAX_KERNEXEC=y
CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_BTS=y
# CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR is not set
CONFIG_PAX_KERNEXEC_PLUGIN_METHOD="bts"
#
# Address Space Layout Randomization
#
CONFIG_PAX_ASLR=y
CONFIG_PAX_RANDKSTACK=y
CONFIG_PAX_RANDUSTACK=y
CONFIG_PAX_RANDMMAP=y
#
# Miscellaneous hardening features
#
CONFIG_PAX_MEMORY_SANITIZE=y
CONFIG_PAX_MEMORY_STACKLEAK=y
CONFIG_PAX_MEMORY_STRUCTLEAK=y
CONFIG_PAX_MEMORY_UDEREF=y
CONFIG_PAX_REFCOUNT=y
CONFIG_PAX_CONSTIFY_PLUGIN=y
CONFIG_PAX_USERCOPY=y
# CONFIG_PAX_USERCOPY_DEBUG is not set
CONFIG_PAX_SIZE_OVERFLOW=y
CONFIG_PAX_LATENT_ENTROPY=y
#
# Memory Protections
#
CONFIG_GRKERNSEC_KMEM=y
# CONFIG_GRKERNSEC_IO is not set
CONFIG_GRKERNSEC_BPF_HARDEN=y
CONFIG_GRKERNSEC_PERF_HARDEN=y
# CONFIG_GRKERNSEC_RAND_THREADSTACK is not set
CONFIG_GRKERNSEC_PROC_MEMMAP=y
CONFIG_GRKERNSEC_KSTACKOVERFLOW=y
CONFIG_GRKERNSEC_BRUTE=y
CONFIG_GRKERNSEC_MODHARDEN=y
CONFIG_GRKERNSEC_HIDESYM=y
CONFIG_GRKERNSEC_RANDSTRUCT=y
CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE=y
CONFIG_GRKERNSEC_KERN_LOCKOUT=y
#
# Role Based Access Control Options
#
# CONFIG_GRKERNSEC_NO_RBAC is not set
CONFIG_GRKERNSEC_ACL_HIDEKERN=y
CONFIG_GRKERNSEC_ACL_MAXTRIES=3
CONFIG_GRKERNSEC_ACL_TIMEOUT=30
#
# Filesystem Protections
#
CONFIG_GRKERNSEC_PROC=y
CONFIG_GRKERNSEC_PROC_USER=y
CONFIG_GRKERNSEC_PROC_ADD=y
CONFIG_GRKERNSEC_LINK=y
CONFIG_GRKERNSEC_SYMLINKOWN=y
CONFIG_GRKERNSEC_FIFO=y
CONFIG_GRKERNSEC_SYSFS_RESTRICT=y
# CONFIG_GRKERNSEC_ROFS is not set
CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL=y
CONFIG_GRKERNSEC_CHROOT=y
CONFIG_GRKERNSEC_CHROOT_MOUNT=y
CONFIG_GRKERNSEC_CHROOT_DOUBLE=y
CONFIG_GRKERNSEC_CHROOT_PIVOT=y
CONFIG_GRKERNSEC_CHROOT_CHDIR=y
CONFIG_GRKERNSEC_CHROOT_CHMOD=y
CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
CONFIG_GRKERNSEC_CHROOT_MKNOD=y
CONFIG_GRKERNSEC_CHROOT_SHMAT=y
CONFIG_GRKERNSEC_CHROOT_UNIX=y
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
CONFIG_GRKERNSEC_CHROOT_CAPS=y
# CONFIG_GRKERNSEC_CHROOT_INITRD is not set
#
# Kernel Auditing
#
# CONFIG_GRKERNSEC_AUDIT_GROUP is not set
CONFIG_GRKERNSEC_EXECLOG=y
CONFIG_GRKERNSEC_RESLOG=y
CONFIG_GRKERNSEC_CHROOT_EXECLOG=y
CONFIG_GRKERNSEC_AUDIT_PTRACE=y
CONFIG_GRKERNSEC_AUDIT_CHDIR=y
CONFIG_GRKERNSEC_AUDIT_MOUNT=y
CONFIG_GRKERNSEC_SIGNAL=y
CONFIG_GRKERNSEC_FORKFAIL=y
CONFIG_GRKERNSEC_TIME=y
CONFIG_GRKERNSEC_PROC_IPADDR=y
CONFIG_GRKERNSEC_RWXMAP_LOG=y
#
# Executable Protections
#
CONFIG_GRKERNSEC_DMESG=y
CONFIG_GRKERNSEC_HARDEN_PTRACE=y
CONFIG_GRKERNSEC_PTRACE_READEXEC=y
CONFIG_GRKERNSEC_SETXID=y
CONFIG_GRKERNSEC_HARDEN_IPC=y
CONFIG_GRKERNSEC_TPE=y
CONFIG_GRKERNSEC_TPE_ALL=y
# CONFIG_GRKERNSEC_TPE_INVERT is not set
CONFIG_GRKERNSEC_TPE_GID=100
#
# Network Protections
#
CONFIG_GRKERNSEC_BLACKHOLE=y
CONFIG_GRKERNSEC_NO_SIMULT_CONNECT=y
# CONFIG_GRKERNSEC_SOCKET is not set
#
# Physical Protections
#
# CONFIG_GRKERNSEC_DENYUSB is not set
#
# Sysctl Support
#
CONFIG_GRKERNSEC_SYSCTL=y
CONFIG_GRKERNSEC_SYSCTL_ON=y
#
# Logging Options
#
CONFIG_GRKERNSEC_FLOODTIME=10
CONFIG_GRKERNSEC_FLOODBURST=3
CONFIG_KEYS=y
# CONFIG_PERSISTENT_KEYRINGS is not set
# CONFIG_BIG_KEYS is not set
# CONFIG_ENCRYPTED_KEYS is not set
CONFIG_KEYS_DEBUG_PROC_KEYS=y
CONFIG_SECURITY_DMESG_RESTRICT=y
# CONFIG_SECURITY is not set
# CONFIG_SECURITYFS is not set
CONFIG_DEFAULT_SECURITY_DAC=y
CONFIG_DEFAULT_SECURITY=""
CONFIG_XOR_BLOCKS=y
CONFIG_ASYNC_CORE=y
CONFIG_ASYNC_MEMCPY=y
CONFIG_ASYNC_XOR=y
CONFIG_ASYNC_PQ=y
CONFIG_ASYNC_RAID6_RECOV=y
CONFIG_CRYPTO=y
#
As the Seniors in Gentoo advise, I have started the transition to XATTR_PAX_FLAGS, and use paxctl-ng.
I currently use gdb debugger because of issues with applying TLS with my new provider in Postfix, I use it roughly as explained under non-interactive debugger on:
Postfix Debugging Howto
http://www.postfix.org/DEBUG_README.html
Just to mention with regard to the TPE issue which has an open bug IN_PROGRESS on bugs.gentoo.org
Bug 519566
https://bugs.gentoo.org/show_bug.cgi?id=519566
that I disabled tpe and tpe_restrict_all via sysctl:
- Code: Select all
# cat /proc/sys/kernel/grsecurity/tpe
0
# cat /proc/sys/kernel/grsecurity/tpe_restrict_all
0
#
but it doesn't seem to change anything in this case (as it does with emerge and other python stuff).
The /usr/bin/gdb binary has by default, as I installed it with "emerge gdb":
- Code: Select all
# paxctl-ng -v /usr/bin/gdb
/usr/bin/gdb:
PT_PAX : -e---
XATTR_PAX : not found
which I changed:
- Code: Select all
# paxctl-ng -F /usr/bin/gdb
# paxctl-ng -v /usr/bin/gdb
/usr/bin/gdb:
PT_PAX : -e---
XATTR_PAX : -e---
and then I tried, hoping the issue would be relaxed:
- Code: Select all
# paxctl-ng -m /usr/bin/gdb
# paxctl-ng -v /usr/bin/gdb
/usr/bin/gdb:
PT_PAX : -em--
XATTR_PAX : -em--
But the issue wouldn't go away:
- Code: Select all
Jan 31 13:41:12 g0n postfix/qmgr[21662]: A415438092E: from=<miroslav.rovis1@zg.ht.hr>, size=1953, nrcpt=1 (queue active)
Jan 31 13:41:12 g0n kernel: [112535.267823] grsec: exec of /usr/libexec/postfix/trivial-rewrite (trivial-rewrite -n rewrite -t unix -u -D ) by /usr/libexec/postfix/trivial-rewrite[master:22640] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/postfix/master[master:2734] uid/euid:0/0 gid/egid:0/0
Jan 31 13:41:12 g0n postfix/trivial-rewrite[22640]: running: PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont;?echo where) | gdb /usr/libexec/postfix/trivial-rewrite 22640 2>&1?>/etc/postfix/trivial-rewrite.22640.log & sleep 5
Jan 31 13:41:12 g0n kernel: [112535.274075] grsec: exec of /bin/bash (sh -c PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; echo where) | gdb /usr/libexec/postfix/trivial-rewrite 22640 2) by /bin/bash[trivial-rewrite:22642] uid/euid:0/0 gid/egid:0/0, parent /usr/libexec/postfix/trivial-rewrite[trivial-rewrite:22640] uid/euid:0/0 gid/egid:0/0
Jan 31 13:41:12 g0n kernel: [112535.276386] grsec: exec of /bin/sleep (sleep 5 ) by /bin/sleep[sh:22645] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:22642] uid/euid:0/0 gid/egid:0/0
Jan 31 13:41:12 g0n kernel: [112535.276772] grsec: exec of /usr/bin/gdb (gdb /usr/libexec/postfix/trivial-rewrite 22640 ) by /usr/bin/gdb[sh:22644] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:22642] uid/euid:0/0 gid/egid:0/0
Jan 31 13:41:12 g0n kernel: [112535.286078] grsec: exec of /usr/bin/iconv (iconv -l ) by /usr/bin/iconv[gdb:22646] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:22644] uid/euid:0/0 gid/egid:0/0
Jan 31 13:41:12 g0n kernel: [112535.311642] grsec: process /usr/libexec/postfix/trivial-rewrite(trivial-rewrite:22640) attached to via ptrace by /usr/bin/gdb[gdb:22644] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:22642] uid/euid:0/0 gid/egid:0/0
Jan 31 13:41:12 g0n kernel: [112535.316243] PAX: execution attempt in: <anonymous mapping>, 2de2802f000-2de28032000 2de2802f000
Jan 31 13:41:12 g0n kernel: [112535.316258] PAX: terminating task: /usr/bin/gdb(gdb):22649, uid/euid: 0/0, PC: 000002de2802f000, SP: 000003cbb08fa470
Jan 31 13:41:12 g0n kernel: [112535.316267] PAX: bytes at PC: cc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Jan 31 13:41:12 g0n kernel: [112535.316302] PAX: bytes at SP-8: 000002de2802f000 00000057380ebec0 e6c6b81c8df58500 0000005737ab80e0 00000057380ec000 00000057380ebec0 0000005738350880 0000005737ab80e0 0000000000000000 000003cbb08fa540 0000005737a639a1
Jan 31 13:41:12 g0n kernel: [112535.316352] grsec: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds. Please investigate the crash report for /usr/bin/gdb[gdb:22649] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:22644] uid/euid:0/0 gid/egid:0/0
Jan 31 13:41:12 g0n kernel: [112535.316387] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/bin/gdb[gdb:22649] uid/euid:0/0 gid/egid:0/0, parent /usr/bin/gdb[gdb:22644] uid/euid:0/0 gid/egid:0/0
I haven't used gdb much, and I really only tried what the Postfix wizards suggested for debugging, I can currently only stay at the outside of things with regard to debugging and all the logs filled with "no debugging symbols found"... I guess I'd be useful that I give the "stack trace when the process crashes", IIUC:
- Code: Select all
# cat /etc/postfix/trivial-rewrite.22640.log
GNU gdb (Gentoo 7.8.1 vanilla) 7.8.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://bugs.gentoo.org/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/libexec/postfix/trivial-rewrite...(no debugging symbols found)...done.
Attaching to program: /usr/libexec/postfix/trivial-rewrite, process 22640
Reading symbols from /lib64/libpcre.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libpcre.so.1
Reading symbols from /lib64/libpthread.so.0...(no debugging symbols found)...done.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Loaded symbols for /lib64/libpthread.so.0
Reading symbols from /usr/lib64/libsqlite3.so.0...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libsqlite3.so.0
Reading symbols from /usr/lib64/libdb-6.0.so...(no debugging symbols found)...done.
Loaded symbols for /usr/lib64/libdb-6.0.so
Reading symbols from /lib64/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib64/libdl.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/libnss_compat.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnss_compat.so.2
Reading symbols from /lib64/libnsl.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnsl.so.1
Reading symbols from /lib64/libnss_nis.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnss_nis.so.2
Reading symbols from /lib64/libnss_files.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnss_files.so.2
0x0000038f74eeb91a in waitpid () from /lib64/libc.so.6
(gdb) Continuing.
[Inferior 1 (process 22640) exited normally]
(gdb) (gdb) quit
If there is anything that any Senior here in Grsecurity forums finds time to kindly tell us about this issue, I'll be grateful.
I can also ask about this issue on Gentoo Forums, but I thought I'd post on my dearest of all FOSS programs' forum, that is Grsec Forums, first .
I'm mostly well these days, and I shouldn't be late to reply due to health issues. However, I have to say that I'm on alert with my unkind new provider and their disreputable friends, where even setting me up to accuse me of spamming seems to have been attempted against me, on top of undeniable censorship:
Postfix smtp-tls-wrapper, Bkp/Cloning Mthd, A Zerk Provider
https://forums.gentoo.org/viewtopic-t-999436.html
I hope some unpredictable prank from the aforementioned won't be in my way while I try and solve this issue. I will be back at intervals, although not very frequent, for a day and longer, to read possible replies, but I have to mention the above in case I am prevented by the aforementioned to keep my word. That is the sole reason I explain this situation of mine here. And I am sorry to have to put this for-that-eventuality disclaimer here.
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr