Summary: | app-crypt/letsencrypt 0.4.0-run-time segfault on gentoo hardened | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Vitaliy <devfuture> |
Component: | Current packages | Assignee: | Manuel RĂ¼ger (RETIRED) <mrueg> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | hardened |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | AMD64 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | emerge --info |
Check that you have emutramp enable in the kernel. (In reply to Magnus Granberg from comment #1) > Check that you have emutramp enable in the kernel. Thx! it works now. p.s. i've used tipical config Automatic - Host - KVM - Security |
Created attachment 426158 [details] emerge --info Even simple cmd "letsencrypt --help" leads to Segmentation fault. On non-hardened system all works fine. grsec.log entry: Feb 22 04:27:56 localhost kernel: [1267249.382734] grsec: From 10.0.0.2: denied RWX mmap of <anonymous mapping> by /usr/lib64/python-exec/python2.7/letsencrypt[letsencrypt:15950] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:15430] uid/euid:0/0 gid/egid:0/0 Feb 22 04:27:56 localhost kernel: [1267249.382751] grsec: From 10.0.0.2: Segmentation fault occurred at (nil) in /usr/lib64/python-exec/python2.7/letsencrypt[letsencrypt:15950] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:15430] uid/euid:0/0 gid/egid:0/0 Feb 22 04:27:56 localhost kernel: [1267249.382763] grsec: From 10.0.0.2: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/lib64/python-exec/python2.7/letsencrypt[letsencrypt:15950] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[bash:15430] uid/euid:0/0 gid/egid:0/0