similar to: Compiling xenlinux 2.4.29 with grsec.. help needed

Hello everybody For network simulation purposes I am trying to run a Linux image with a PAX enabled grsec kernel on a Gentoo xen-3.1.1 with HVM. While the image boots flawlessly on real hardware the kernel does not really like the fully virtualized Xen/Qemu environment. It does not succeed to boot (for dmesg see attachment). I first tried with the grsec- patched 2.6.14.6 sources but it

Hi, this happens since a few days on a Gentoo hardened system using a grsecurity enabled kernel running Dovecot 1.0.10, only to 2 of 10 users though: --8<-- kernel: grsec: From 192.168.0.1: denied resource overstep by \ requesting 537325568 for RLIMIT_AS against limit 536870912 \ for /usr/libexec/dovecot/imap[imap:15708] uid/euid:30010/30010 \ gid/egid:30006/30006, parent

Howdy folks ! I just added Dovecot as a standard package to Devil-Linux and ran into a problem with resource limits. Grsecurity (http://www.grsecurity.net) is used in DL to prevent problems with common exploits, it also reports violations of rlimits. The following messages show up in the log, but it seems that the IMAP Server works fine: Apr 26 19:20:04 src at gate imap-login: Login: hz

I am trying to run Dovecot on RH 7.3 with Linux kernel 2.4.20 + GrSecurity patch. I downloaded the RPM yesterday and installed it. When I start Dovecot the kernel reports: kernel: grsec: From 192.168.1.22: attempt to overstep process limit by (dovecot:14491) UID(0) EUID(0), parent (dovecot:23872) UID(0) EUID(0) I have never seen this problem in the 3 years I have used GrSecurity together with a

>This is pretty surprising. When a domU is actually running, dom0 isn''t >really involved (other than for IO), so its surprising grsec makes a >difference. >Do you get any console output from the guest before it crashes? I''m >wandering if its actually been built incorrectly by the domain builder >running in dom0. I don''t get any output from the guest

Hi guys, I''m looking for every possible way to secure my dom0 before shipping it out to the datacenter, and grsecurity/pax was one such option. I tried installing the binaries from the Arch Linux repos, but had little success with them (Xen kernel loaded, passed to dom0, then promptly rebooted). I had no clues in kernel.log or dmesg, both seemed normal. Any suggestions or advice?

On Tue, Feb 24, 2015 at 11:56:50PM +0100, Olivier Mauras wrote: > > > On Tue, 2015-02-24 at 16:05 -0500, Laine Stump wrote: > > On 02/24/2015 03:37 PM, Olivier Mauras wrote: > > >> Hello, > > >> > > >> I've been trying to boot a VM with the rootfs being a 9P share from > > >> the host. The VM OS is centos 7. > > >>

I've been working with Asterisk for about 2 months now and am doing well. However I decided to switch platforms from Fedora Core 1, that my predacessor was using, to Gentoo, for obvious reasons. It just seems faster and less "bloated" everything I need, nothing I don't. Anyways, I've read what the Wiki had to say about it and I was only confused on one thing, putting

Hello, I've been trying to boot a VM with the rootfs being a 9P share from the host. The VM OS is centos 7. The OS boots but no services can work and it appears that the authentication system is broken. Now the funny thing is that booting the same OS on the same 9P share manually with Qemu works as expected with a fully functionnal OS... So I'm wondering what could libvirt do that render

On 02/24/2015 03:37 PM, Olivier Mauras wrote: >> Hello, >> >> I've been trying to boot a VM with the rootfs being a 9P share from >> the host. The VM OS is centos 7. >> The OS boots but no services can work and it appears that the >> authentication system is broken. >> >> Now the funny thing is that booting the same OS on the same 9P share

Hi This is jesse. I am running exim as my mail server on cygwin. But i need imap/pop3 for accessing mail. I found that dovecot works on cygwin with some code change. So can i know how to compile dovecot on cygwin. This is important ANYBODY ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo!

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=469 netfilter@linuxace.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netfilter@linuxace.com Status|NEW |RESOLVED Resolution|

Hi, I found the following in my logfiles: The failure is not reproducable at the moment. System is delivering mails to mailboxes with no problems at all. It is a production installation with medium load. dovecot --version: 1.1.7 OS: Linux (Gentoo/x86 stable) - grsec enabled kernel deliver.log: deliver(user at example.tld): Panic: file istream-tee.c: line 144 (i_stream_tee_read): assertion

Hello, my dom0 is an alpinelinux installed with kernel 3.10.14-1-grsec and xen 4.2.2. My domU is an opensuse 12.3 with all patches installed. The system works great, but when I do only switch xen from 4.2.2 to 4.3.0 (packages from http://nl.alpinelinux.org/alpine/edge/main/x86_64/) then my kernel in the domU does an Oops and the drivers for my dvb card aren''t loaded successfully. When I

I have a Asus laptop, from the new generation, and my network driver is present in the kernel since version 2.6.32(Jmicron). Is there any CentOS with this kernel? I tried to compile myself, but I failed. Is a bit harder than I thought. Is there any testing version of CentOS or some backports? Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hello, on my ext3 fs I have a file that I can not modify anymore: $ who am i root pts/0 Nov 18 19:42 (192.168.10.110) $ ls -al /mnt/path/usage_200306.html -rw-r-xrw- 1 50946 nobody 99935 Jul 1 2003 /mnt/path/usage_200306.html $ rm /mnt/path/usage_200306.html rm: remove regular file `/mnt/path/usage_200306.html'? y rm: cannot remove `/mnt/path/usage_200306.html': Operation

Good evening all, I''ve all but finished installing Xen 2.0.5, XenLinux 2.6.10 and Debian GNU/Linux 3.0r4 into /boot on a colo box currently (and temporarily) running CentOS. I''ve chrooted into the debian install (chroot /boot /bin/bash) and was able to set everything up, install requisite packages, install xen, etc. Now I''m at the last step and I''ve run into

version dovecot-1.0-test27: Jul 9 21:49:07 server dovecot: IMAP(testtest): mprotect() failed with index file /home/testtest/mail/.imap/INBOX/dovecot.index: Permission denied with version 0.99.10.6 i have no such troubles ... ? tx4hlp, joachim

Hello. Dovecot is not binding or listening on port 993 when I start it. $ sudo netstat -tlnp | grep -c 993 0 Dovecot starts fine and runs without complaints. $ sudo service dovecot restart Restarting IMAP/POP3 mail server: dovecot. $ sudo tail /var/log/mail.log Apr 4 13:42:39 mwjones dovecot: master: Warning: Killed with signal 15 (by pid=16238 uid=0 code=kill) Apr 4 13:42:39 mwjones

I am seeing a kernel message, "hdc: lost interrupt", when running LTP on the xen0 domain. The first time I saw the ''kernel: hdc: lost interrupt'' in /var/log/messages, I was running LTP on both xen0 and xenU domains. The xenU domain was totally hung at this point. Suspecting a setup error, I re-checked the installation and reran LTP on xen0 alone, without having