Summary: | net-irc/unrealircd-3.2.6-r1 does not run under grsecurity | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Jaak Ristioja <jaak> |
Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
Status: | VERIFIED INVALID | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
emerge --info
config |
Description
Jaak Ristioja
2007-06-25 19:38:45 UTC
Could you please post your emerge --info and the kernel config and reopen the bug afterwards ? Created attachment 124254 [details]
emerge --info
Created attachment 124255 [details]
config
hardened-sources-2.6.20-r5 kernel configuration
Reopening. You have grsec linking restrictions enabled and you are trying to hardlink to those files as a user. This is exactly what that option prevents and is expected/desired. Either make it use a soft link or disable the option. Try to disable this option in your kernel. CONFIG_GRKERNSEC_SYSCTL_ON - CONFIG_GRKERNSEC_SYSCTL_ON=y + #CONFIG_GRKERNSEC_SYSCTL_ON is not set then use /etc/sysctl.conf to control grsec. sysctl -a | grep grsec | less Browsing the unrealircd source, it appeared that unrealircd just copies the file when it fails to hard link, so that was not the problem. However, unrealircd failed to run that copied file, because TPE (trusted path execution) was enabled and the UID it was running under was not in the group of trusted users set in the kernel config. Anyway, thanks for your support. I am sorry for bothering you all! |