The server_linux binary from the teamspeak2-server-bin package does not work under the 2.6.10-r1 hardened-dev-sources kernel. Reproducible: Always Steps to Reproduce: 1. Boot up with hardened 2.6.10-r1 2. Try and start teamspeak server 3. Reboot into 2.6.7-r16 and the binary runs without a problem Actual Results: "Killed" message immediately after server_linux command is run. Strace produces no usable output, additinally server_linux can not be ldd'd under the 2.6.10-r1 kernel which is very strange. Expected Results: Server should start. I will update bug when I get home and paste in the output of strace and ldd.
[root@nexus]-[17:01]-[/opt/teamspeak2-server] # uname -a Linux nexus 2.6.10-hardened-r1 #1 Tue Jan 18 21:01:55 EST 2005 i686 Intel(R) Pentium(R) 4 CPU 1.70GHz GenuineIntel GNU/Linux [root@nexus]-[17:01]-[/opt/teamspeak2-server] # ./server_linux Killed [root@nexus]-[17:02]-[/opt/teamspeak2-server] # ldd server_linux /usr/bin/ldd: line 1: 9312 Killed LD_TRACE_LOADED_OBJECTS=1 LD_WARN= LD_BIND_NOW= LD_LIBRARY_VERSION=$verify_out LD_VERBOSE= "$file" [root@nexus]-[17:02]-[/opt/teamspeak2-server] # strace ./server_linux execve("./server_linux", ["./server_linux"], [/* 25 vars */]) = 0 +++ killed by SIGKILL +++
(gdb) run Starting program: /opt/teamspeak2-server/server_linux Program terminated with signal SIGKILL, Killed. The program no longer exists. You can't do that without a process to debug.
Upgraded to hardened-dev-sources 2.6.10-r3, same issue.
Can you please check if you can reproduce this problem with a vanilla 2.6.10 kernel?
Same Problem with media-sound/ventrilo-server-bin under hardened-dev-sources. It works under vanilla-sources (same kernel-config): ### :~ > uname -a Linux onit 2.6.10 #1 SMP Fri Jan 21 20:44:29 CET 2005 i686 AMD Duron(tm) processor AuthenticAMD GNU/Linux :~ > /opt/ventrilo-server/ventrilo_srv Ventrilo Server - Public - Version 2.2.0 (c)Copyright 1999-2004 Flagship Industries, Inc. Unable to open configuration file 'ventrilo_srv.ini'. ERROR: Unable to read configuration data. Exiting. ###
Same problem here with Teamspeak: vanilla 2.6.10 + some x86_64 stuff + reiser4: tss works, "ldd server_linux" shows usual output vanilla 2.6.10 + grsecurity 2.1 (including their security patch) + reiser4: tss works, ldd says however "not a dynamic executable". hardened-dev-sources-2.6.10-r1 + reiser4: tss segfaults at the above-straced points, ldd says "not a dynamic executable" bombax:~ # uname -a Linux bombax 2.6.10-hardened-r1-1 #1 Sun Jan 16 14:50:54 CET 2005 i686 AMD Athlon(tm) 64 Processor 3000+ AuthenticAMD GNU/Linux bombax:~ #
Confirmed just now, as Roman reported, that server runs fine under vanilla 2.6.10: [root@nexus]-[14:08]-[/opt/teamspeak2-server] # uname -a Linux nexus 2.6.10-gentoo-r6 #1 Mon Jan 24 13:32:15 EST 2005 i686 Intel(R) Pentium(R) 4 CPU 1.70GHz GenuineIntel GNU/Linux [root@nexus]-[14:08]-[/opt/teamspeak2-server] # ldd server_linux linux-gate.so.1 => (0xffffe000) libpthread.so.0 => /lib/libpthread.so.0 (0xb7f93000) libdl.so.2 => /lib/libdl.so.2 (0xb7f8e000) libc.so.6 => /lib/libc.so.6 (0xb7e80000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000) Server is running nicely.
Reassigning to hardened, not an issue under vanilla.
Post the tail of /var/log/messages when it's killed. I'd guess PaX killed it due to an execution attempt; in which case the solution could be as simple as doing "paxctl -m /opt/teamspeak2-server/server-linux" and/or "chpax -m /opt/teamspeak2-server/server-linux" (emerge paxctl chpax if you don't have them).
:~ > paxctl -m /opt/ventrilo-server/ventrilo_srv :~ > /opt/ventrilo-server/ventrilo_srv Killed :~ > chpax -m /opt/ventrilo-server/ventrilo_srv :~ > /opt/ventrilo-server/ventrilo_srv Killed
In my hardened kernel I only enable GRSec, not Pax at all....
Just installed it here to see exactly what happens - well, "Killed" is just about it! Nothing in my system log so I can't tell what killed it. It's as if it's not a valid executable. # /lib/ld-linux.so.2 /opt/teamspeak2-server/server_linux /opt/teamspeak2-server/server_linux: error while loading shared libraries: /opt/teamspeak2-server/server_linux: cannot change memory protections: Permission denied Bizarre. It looks like it's an elf dynamic executable to some things, but not others. 'readelf -a' shows that there's no "NOTE" section in the program header (everything else on my system that I looked at had one), and it has a bunch of 'borland' references which seem to be unique, but whether they're of any consequence or not I don't know.
It might be related to this problem: http://forums.gentoo.org/viewtopic.php?t=270956 It gets interesting with this post: http://forums.gentoo.org/viewtopic.php?t=270956#1920124
see http://marc.theaimsgroup.com/?t=110781579600003&r=1&w=2 for the underlying problem.
This should be resolved in the latest hardened-sources-2.6, can you confirm?
Can confirm TS server running happily on: $ uname -a Linux nexus 2.6.11-hardened-r1 #1 Thu Mar 31 09:50:46 EST 2005 i686 Intel(R) Pentium(R) 4 CPU 1.70GHz GenuineIntel GNU/Linux Cheers!
Good to hear.
