Re: Crashes with Grsecurity kernel from Christian Rößner on 2015-01-11 (OpenDKIM Users mailing list)

From: Christian Rößner <c_at_roessner-network-solutions.com>
Date: Sun, 11 Jan 2015 18:13:49 +0100

I kust died in fron of my eyes:

Jan 11 18:08:43 mx postfix-relay/smtpd[16073]: warning: milter inet:[::1]:8892: can't read SMFIC_RCPT reply packet header: Connection reset by peer
Jan 11 18:08:43 mx postfix-relay/smtpd[16074]: warning: milter inet:[::1]:8892: can't read SMFIC_RCPT reply packet header: Success

And the process is gone.

:-(

And on my other server, where I have the standard kernel, the opendkim.verify process has died an hour ago. I really don’t understand all this.

Christian

> Am 11.01.2015 um 17:59 schrieb Christian Rößner <c_at_roessner-network-solutions.com>:
>
>
>> Am 11.01.2015 um 17:17 schrieb A. Schulze <sca_at_andreasschulze.de>:
>>
>>
>> Christian Rößner:
>>
>>> ... And it wouldn’t do this, if there was no good reason for it.
>> Ack.
>>
>> But all _I_ can say is opendkim (still 2.9.2) sign and verify millions of messages without any coredump.
>> That does not hardly look like a stack frame bug.
>
> Good point. But I really have no idea, why opendkim runs with non grsec and seg faults _sometimes_ with grsec.
>
> I just did
>
> paxctl -cmps /usr/sbin/opendkim
>
> This leads to:
>
> paxctl -v /usr/sbin/opendkim
> PaX control v0.7
> Copyright 2004,2005,2006,2007,2009,2010,2011,2012 PaX Team <pageexec_at_freemail.hu>
>
> - PaX flags: -p-s-m-x-e-- [/usr/sbin/opendkim]
> PAGEEXEC is disabled
> SEGMEXEC is disabled
> MPROTECT is disabled
> RANDEXEC is disabled
> EMUTRAMP is disabled
>
> And I sent about 600 mails in a loop without problems. I still wait and see, if opendkim seg faults again. Maybe it is PaX that sends a SIGABRT.
>
> Still investigating.
>
> Thanks
>
> Christian
> --
> Bachelor of Science Informatik
> Erlenwiese 14, 36304 Alsfeld
> T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
> USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com
>
> --
> Bachelor of Science Informatik
> Erlenwiese 14, 36304 Alsfeld
> T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
> USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com
>

--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com

Received on Sun Jan 11 2015 - 17:14:04 PST

This archive was generated by hypermail 2.3.0 : Sun Jan 11 2015 - 17:18:00 PST