After the update from 3.6.4 to 3.7.1 I have the grsec.log spammed with lines like: Nov 1 18:02:00 ns207970 kernel: grsec: more alerts, logging disabled for 10 seconds Nov 1 18:02:11 ns207970 kernel: grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/sbin/syslog-ng[syslog-ng:24841] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/syslog-ng[syslog-ng:3179] uid/euid:0/0 gid/egid:0/0 Nov 1 18:02:11 ns207970 kernel: grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/sbin/syslog-ng[syslog-ng:24842] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/syslog-ng[syslog-ng:3179] uid/euid:0/0 gid/egid:0/0 Nov 1 18:02:11 ns207970 kernel: grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/sbin/syslog-ng[syslog-ng:24843] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/syslog-ng[syslog-ng:3179] uid/euid:0/0 gid/egid:0/0 Nov 1 18:02:11 ns207970 kernel: grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/sbin/syslog-ng[syslog-ng:24844] uid/euid:0/0 gid/egid:0/0, parent /usr/sbin/syslog-ng[syslog-ng:3179] uid/euid:0/0 gid/egid:0/0 vh ~ # grep "/usr/sbin/syslog-ng" /var/log/grsec.log | wc -l 271517 This didn't happen with 3.6.x
Portage 2.2.20.1 (python 3.4.3-final-0, hardened/linux/amd64, gcc-4.8.5, glibc-2.21-r1, 3.2.69-hardened-r11-xxxx-std-ipv6-64 x86_64) ================================================================= System Settings ================================================================= System uname: Linux-3.2.69-hardened-r11-xxxx-std-ipv6-64-x86_64-Intel-R-_Xeon-R-_CPU_E3-1245_V2_@_3.40GHz-with-gentoo-2.2 KiB Mem: 32857376 total, 11680228 free KiB Swap: 0 total, 0 free Timestamp of repository gentoo: Fri, 06 Nov 2015 07:00:01 +0000 sh bash 4.3_p39 ld GNU ld (Gentoo 2.25.1 p1.1) 2.25.1 app-shells/bash: 4.3_p39::gentoo dev-java/java-config: 2.2.0::gentoo dev-lang/perl: 5.20.2::gentoo dev-lang/python: 2.7.10::gentoo, 3.4.3::gentoo dev-util/cmake: 3.3.1-r1::gentoo dev-util/pkgconfig: 0.28-r2::gentoo sys-apps/baselayout: 2.2::gentoo sys-apps/openrc: 0.17::gentoo sys-apps/sandbox: 2.6-r1::gentoo sys-devel/autoconf: 2.13::gentoo, 2.69::gentoo sys-devel/automake: 1.14.1::gentoo, 1.15::gentoo sys-devel/binutils: 2.25.1-r1::gentoo sys-devel/gcc: 4.8.5::gentoo, 4.9.3::gentoo sys-devel/gcc-config: 1.7.3::gentoo sys-devel/libtool: 2.4.6::gentoo sys-devel/make: 4.1-r1::gentoo sys-kernel/linux-headers: 3.18::gentoo (virtual/os-headers) sys-libs/glibc: 2.21-r1::gentoo Repositories: gentoo location: /usr/portage sync-type: rsync sync-uri: rsync://bobolink.gentoo.org/gentoo-portage priority: -1000 x-portage location: /usr/local/portage masters: gentoo priority: 0 ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="*" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -march=core-avx-i -g0" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/easy-rsa /usr/share/gnupg/qualified.txt /var/bind" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.5/ext-active/ /etc/php/cgi-php5.5/ext-active/ /etc/php/cli-php5.5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -pipe -march=core-avx-i -g0" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs collision-protect config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms sign split-log strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="it_IT.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=gnu" MAKEOPTS="-j8" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/tmp" USE="acl amd64 berkdb bzip2 cli cracklib crypt cxx dri fpm gdbm hardened iconv ipv6 mmx mmxext modules multilib ncurses nptl openmp pam pax_kernel pcre pie readline seccomp session sse sse2 ssl ssp symlink tcpd threads unicode urandom xattr xtpax zlib" ABI_X86="64" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" KERNEL="linux" LINGUAS="en en_GB" NGINX_MODULES_HTTP="auth_basic charset empty_gif fastcgi gzip memcached proxy referer rewrite scgi split_clients ssi upstream_ip_hash userid uwsgi access stub_status" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_4" USERLAND="GNU" Unset: CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON ================================================================= Package Settings ================================================================= app-admin/syslog-ng-3.7.1::gentoo was built with the following: USE="ipv6 tcpd -amqp -caps -dbi -geoip -json -mongodb -pacct -python -redis -smtp -spoof-source -systemd" ABI_X86="64"
I recompiled the entire system (which includes obviously syslog-ng) with gcc 4.9.3 and the problems seems to be not present anymore.
sounds like it "fixed" itself I guess.