similar to: Dovecot will not run on secure kernel.

Howdy folks ! I just added Dovecot as a standard package to Devil-Linux and ran into a problem with resource limits. Grsecurity (http://www.grsecurity.net) is used in DL to prevent problems with common exploits, it also reports violations of rlimits. The following messages show up in the log, but it seems that the IMAP Server works fine: Apr 26 19:20:04 src at gate imap-login: Login: hz

Hi all For various reasons I was looking into 2.6, so I installed a copy on my desktop. Everything works fine, except for dovecot - errors such as this appeared in the syslog: Jul 15 14:41:09 typhaon dovecot: Dovecot starting up Jul 15 14:41:12 typhaon imap-login: setuid(113) failed: Resource temporarily unavailable Jul 15 14:41:12 typhaon dovecot: Login process died too early - shutting down I

Hi, this happens since a few days on a Gentoo hardened system using a grsecurity enabled kernel running Dovecot 1.0.10, only to 2 of 10 users though: --8<-- kernel: grsec: From 192.168.0.1: denied resource overstep by \ requesting 537325568 for RLIMIT_AS against limit 536870912 \ for /usr/libexec/dovecot/imap[imap:15708] uid/euid:30010/30010 \ gid/egid:30006/30006, parent

I''m experiencing an issue where my get/submit calls to the Mechanize agent are leading to timeout exceptions when the ruby script has too many open file descriptors ( > 1000). However, I''m not seeing anything about an overstep violation sent anywhere to syslog, and no error message sent to stdout. The process has the large amount of open files because it''s

Hi This is jesse. I am running exim as my mail server on cygwin. But i need imap/pop3 for accessing mail. I found that dovecot works on cygwin with some code change. So can i know how to compile dovecot on cygwin. This is important ANYBODY ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo!

Hi I have some odd problem with running dovecot. Program dies with message in maillog: Mar 31 21:04:02 test-box dovecot: Dovecot starting up Mar 31 21:04:04 test-box dovecot: execv(imap-login) failed: Resource temporarily unavailable Mar 31 21:04:04 test-box dovecot: execv(imap-login) failed: Resource temporarily unavailable Mar 31 21:04:04 test-box dovecot: Login process died too early -

If I patch the 2.4.14 kernel with the grsecurity patch first I get errors while patching the ext3 patch. the link for the grsecuritypatch is http://www.grsecurity.net/download.htm (which ever patch I do first works fine..the onther patch fails) this is the error I get fro patching the ext3 patch second (I get an error inthe same place if I patch the grsecurity patch second) Hunk #1 FAILED at

On 03/04/2015 09:45 PM, Dave McGuire wrote: > On 03/04/2015 03:37 PM, Oliver Welter wrote: >> Am 04.03.2015 um 21:03 schrieb Dave McGuire: >>> Am 04.03.2015 um 20:12 schrieb Michael Orlitzky: >>>> Please add [DNSBL] support to iptables instead of Dovecot. It's a waste of >>>> effort to code it into every application that listens on the network.

Hi, LOG_NDELAY is the only option for openlog() in dovecot 1.1.2. Wouldn't be LOG_NDELAY|LOG_PID as option parameter much more useful? Without logging the pid, it is impossible to match 'Disconnected' log entries and the corresponding session start/login. Therefore I suggest to use LOG_NDELAY|LOG_PID in the options of i_set_failure_syslog() at all 6 occurrences which passes it

Hi list! I''m trying to run 2.4.29-xenU with grsec. Jacob Gorm Hansen said couple of weeks ago, that grsec should work with xen when pax is disabled.. Well, to get the kernel compiling there''s some source hacking that needs to be done.. I''ll describe what I did and what error I got: I downloaded xen-2.0-testing-src.tgz and extracted it. I edited the toplevel Makefile

Hi guys, I''m looking for every possible way to secure my dom0 before shipping it out to the datacenter, and grsecurity/pax was one such option. I tried installing the binaries from the Arch Linux repos, but had little success with them (Xen kernel loaded, passed to dom0, then promptly rebooted). I had no clues in kernel.log or dmesg, both seemed normal. Any suggestions or advice?

I've been working with Asterisk for about 2 months now and am doing well. However I decided to switch platforms from Fedora Core 1, that my predacessor was using, to Gentoo, for obvious reasons. It just seems faster and less "bloated" everything I need, nothing I don't. Anyways, I've read what the Wiki had to say about it and I was only confused on one thing, putting

Hi! I'm running 1.1rc4 on a system and this happens occasionally: --8<-- mail.info; dovecot: auth(default): client in: AUTH 1 PLAIN service=imap lip=NN.NN.NN.NN rip=NNN.NN.NNN.NN lport=143 mail.info; dovecot: auth-worker(default): pam(XXXXXXXXXXXX,NNN.NN.NNN.NN): lookup service=imap kern.alert; kernel: grsec: From NN.NN.NN.NN: denied resource overstep by requesting

http://bugs.freedesktop.org/show_bug.cgi?id=14491 Summary: enabling randr-1.2 support causes LVDS unknown config bits error when starting the X server Product: xorg Version: git Platform: x86 (IA32) OS/Version: Linux (All) Status: NEW Severity: normal Priority: medium Component:

>This is pretty surprising. When a domU is actually running, dom0 isn''t >really involved (other than for IO), so its surprising grsec makes a >difference. >Do you get any console output from the guest before it crashes? I''m >wandering if its actually been built incorrectly by the domain builder >running in dom0. I don''t get any output from the guest

Hello, now on my box I have Shorewall 2.0.7 who work fine but I want upgrade kernel to version 2.6.10 + Grsecurity, somebody have any problem with shorewall on this kernel? I read on one site that on this kernel APF don`t want work, APF users must change MONOKERN="0" to MONOKERN="1"! Shorewall? Thanks Sorry if my english bad! -- Best regards, Ratko

Hello everybody For network simulation purposes I am trying to run a Linux image with a PAX enabled grsec kernel on a Gentoo xen-3.1.1 with HVM. While the image boots flawlessly on real hardware the kernel does not really like the fully virtualized Xen/Qemu environment. It does not succeed to boot (for dmesg see attachment). I first tried with the grsec- patched 2.6.14.6 sources but it

Hy all! I'm new to this group, I welcome everyone. OS: Debian Woody 3.0, kernel 2.4.20-grsecurity Samba: 2.2.8a, compiled from source State: Samba up, and running Problem: I've got hundreads of unix users, and I don't want to import them one by one using smbpasswd. I've got a book from O'reilly wich is told to be the official. It says, this thing can be done by using the

Hy again! OS: Debian Woody 3.0, kernel 2.4.20-grsecurity Samba: 2.2.8a status: samba up, and running Problem: If I use a usrname/password on client machines, (win98 and winxp/2k) I could not log on as an other user to the machine, only if I logout, or reboot the client. I1ve read in O'reilly's samba book, that there is an option revalidate. But testparm says, it is unknown. How can I

I'm using a simple mbox config with regular Unix users and pam authentication. I'm also using grsecurity. That's why I see what dovecot does in which users' name. As times goes by and new versions are coming I can frustratedly see, that more and more tasks are performed as root. Why? When I used 1.x series of Dovecot, imap process started in the name of the user whose mbox was