similar to: problems when patching 2.4.14

Hi all, Thanks for the prompt reply about 2.4.13. I applied the patch after I'd applied the win4lin and mki patches and it fails. The .rej file is included after this message. If you need any further info I'll try and supply it. Thanks Robyn This file is sched.h.rej from /usr/src/linux/include/linux/sched.h.rej *************** *** 399,404 **** u32 self_exec_id; /*

Hi list! I''m trying to run 2.4.29-xenU with grsec. Jacob Gorm Hansen said couple of weeks ago, that grsec should work with xen when pax is disabled.. Well, to get the kernel compiling there''s some source hacking that needs to be done.. I''ll describe what I did and what error I got: I downloaded xen-2.0-testing-src.tgz and extracted it. I edited the toplevel Makefile

Hi, this happens since a few days on a Gentoo hardened system using a grsecurity enabled kernel running Dovecot 1.0.10, only to 2 of 10 users though: --8<-- kernel: grsec: From 192.168.0.1: denied resource overstep by \ requesting 537325568 for RLIMIT_AS against limit 536870912 \ for /usr/libexec/dovecot/imap[imap:15708] uid/euid:30010/30010 \ gid/egid:30006/30006, parent

I am trying to run Dovecot on RH 7.3 with Linux kernel 2.4.20 + GrSecurity patch. I downloaded the RPM yesterday and installed it. When I start Dovecot the kernel reports: kernel: grsec: From 192.168.1.22: attempt to overstep process limit by (dovecot:14491) UID(0) EUID(0), parent (dovecot:23872) UID(0) EUID(0) I have never seen this problem in the 3 years I have used GrSecurity together with a

Hi guys, I''m looking for every possible way to secure my dom0 before shipping it out to the datacenter, and grsecurity/pax was one such option. I tried installing the binaries from the Arch Linux repos, but had little success with them (Xen kernel loaded, passed to dom0, then promptly rebooted). I had no clues in kernel.log or dmesg, both seemed normal. Any suggestions or advice?

>This is pretty surprising. When a domU is actually running, dom0 isn''t >really involved (other than for IO), so its surprising grsec makes a >difference. >Do you get any console output from the guest before it crashes? I''m >wandering if its actually been built incorrectly by the domain builder >running in dom0. I don''t get any output from the guest

I've been working with Asterisk for about 2 months now and am doing well. However I decided to switch platforms from Fedora Core 1, that my predacessor was using, to Gentoo, for obvious reasons. It just seems faster and less "bloated" everything I need, nothing I don't. Anyways, I've read what the Wiki had to say about it and I was only confused on one thing, putting

version dovecot-1.0-test27: Jul 9 21:49:07 server dovecot: IMAP(testtest): mprotect() failed with index file /home/testtest/mail/.imap/INBOX/dovecot.index: Permission denied with version 0.99.10.6 i have no such troubles ... ? tx4hlp, joachim

Hello, now on my box I have Shorewall 2.0.7 who work fine but I want upgrade kernel to version 2.6.10 + Grsecurity, somebody have any problem with shorewall on this kernel? I read on one site that on this kernel APF don`t want work, APF users must change MONOKERN="0" to MONOKERN="1"! Shorewall? Thanks Sorry if my english bad! -- Best regards, Ratko

Hello everybody For network simulation purposes I am trying to run a Linux image with a PAX enabled grsec kernel on a Gentoo xen-3.1.1 with HVM. While the image boots flawlessly on real hardware the kernel does not really like the fully virtualized Xen/Qemu environment. It does not succeed to boot (for dmesg see attachment). I first tried with the grsec- patched 2.6.14.6 sources but it

Hy all! I'm new to this group, I welcome everyone. OS: Debian Woody 3.0, kernel 2.4.20-grsecurity Samba: 2.2.8a, compiled from source State: Samba up, and running Problem: I've got hundreads of unix users, and I don't want to import them one by one using smbpasswd. I've got a book from O'reilly wich is told to be the official. It says, this thing can be done by using the

Hy again! OS: Debian Woody 3.0, kernel 2.4.20-grsecurity Samba: 2.2.8a status: samba up, and running Problem: If I use a usrname/password on client machines, (win98 and winxp/2k) I could not log on as an other user to the machine, only if I logout, or reboot the client. I1ve read in O'reilly's samba book, that there is an option revalidate. But testparm says, it is unknown. How can I

I'm using a simple mbox config with regular Unix users and pam authentication. I'm also using grsecurity. That's why I see what dovecot does in which users' name. As times goes by and new versions are coming I can frustratedly see, that more and more tasks are performed as root. Why? When I used 1.x series of Dovecot, imap process started in the name of the user whose mbox was

Prepare to mark sensitive kernel structures for randomization by making sure they're using designated initializers. These were identified during allyesconfig builds of x86, arm, and arm64, with most initializer fixes extracted from grsecurity. Signed-off-by: Kees Cook <keescook at chromium.org> --- drivers/gpu/drm/nouveau/nouveau_ttm.c | 28 ++++++++++++++-------------- 1 file changed,

hello! i'm using redhat 7.2 with ext3 as my primary fs on kernel 2.4.17 + grsecurity + acl after 2-3 days of uptime i'm expiriencing problems... i attached below excert from my system logs. machine stops responing for a few seconds and after then it looks, like it's in normal operation again. the only problem is load, which is incrementing constantly, but cpu is 99% idle... after

Anyone know if there is a kernel autoconfigure tool to compile from source ? thanks luigi -- Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007 http://predellino.blogspot.com/

Hi This is jesse. I am running exim as my mail server on cygwin. But i need imap/pop3 for accessing mail. I found that dovecot works on cygwin with some code change. So can i know how to compile dovecot on cygwin. This is important ANYBODY ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo!

Does anyone know of any Linux-based filesystem that does file-level auditing and logs based on username? Does ext2/3 do such auditing (stock or with patches)? I would like a filesystem that can be told to audit and log file deletions and log the username that deleted the file (similar to auditing on NTFS). I know, I should be using file permissions to prevent this type of deletion from

Hi, My company wants to put a SIP address on their website. The idea is that potential customers can call that address and will be forwarded to our main switchboard. It's fairly easy in theory because my asterisk server has a real IP address, so any calls to sip:<number>@asterisk-server.mycompany.com should connect just fine (except currently it will be blocked by the firewall). Our

Hi!! We are looking to implement a solution where in the background we want to capture all the commands typed by a user. One of the ways we are thinking of achieving this is to make some changes at an appropriate place in the ssh client's program flow. Given the ssh client eventually sends the command typed by the user to the sshd, I am sure somewhere within ssh program there is a