Bug 47498 (#48332) - APACHE2 (2.0.49) + mod_php (3.2.6RC2) attempted resource overstep
Summary: APACHE2 (2.0.49) + mod_php (3.2.6RC2) attempted resource overstep
Status: RESOLVED FIXED
Alias: #48332
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Server
Hardware: x86 Linux
Importance: High critical
Assignee: Robin Johnson
URL: https://www.zataz.net/docs/strace.txt
Reported: 2004-04-11 04:48 UTC by Romang
Modified: 2004-05-03 04:37 UTC

Description Romang 2004-04-11 04:48:08 UTC
Hello,

I have had a server running apache2 with mod_php for a long time.

My kernel is gentoo-sources 2.4.22-r7 with grsec

USE="tcpd pam ssl -kde -X fbcon -imlib -cups -gtk -gnome -qt memlimit mysql mcal xml2 gd jpeg snmp curl apache2"
CFLAGS="-O3 -march=pentium4 -funroll-loops -fprefetch-loop-arrays -pipe"
#ACCEPT_KEYWORDS="~arch"

Yesterday I updated to mod_php 4.3.6_rc2.

Since this update, I do:

server modules.d # /etc/init.d/apache2 restart
 * Stopping apache2...
 * [ ok ]

Message from syslogd@server at Sun Apr 11 13:16:06 2004 ...
zataz kernel: grsec: From xxx.xxx.xxx.xxx: signal 11 sent to (apache2:20184)
UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Message from syslogd@server at Sun Apr 11 13:16:06 2004 ...
zataz kernel: grsec: From xxx.xxx.xxx.xxx: signal 11 sent to (apache2:20184)
UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Message from syslogd@server at Sun Apr 11 13:16:06 2004 ...
zataz kernel: grsec: From xxx.xxx.xxx.xxx: attempted resource overstep by
requesting 4096 for RLIMIT_CORE against limit 0 by (apache2:20184) UID(0)
EUID(0), parent (init:1) UID(0) EUID(0)
 * Starting apache2... [ ok ]

Apache restarts.

When I do a:

server modules.d # /etc/init.d/apache2 reload
 * Restarting apache2...[ ok ]

Message from syslogd@server at Sun Apr 11 13:27:34 2004 ...
zataz kernel: grsec: From xxx.xxx.Xxx.Xxx: signal 11 sent to (apache2:26709)
UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Message from syslogd@server at Sun Apr 11 13:27:34 2004 ...
zataz kernel: grsec: From xxx.Xxx.Xxx.Xxx: signal 11 sent to (apache2:26709)
UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Message from syslogd@server at Sun Apr 11 13:27:34 2004 ...
zataz kernel: grsec: From Xxx.Xxx.Xxx.Xxx: attempted resource overstep by
requesting 4096 for RLIMIT_CORE against limit 0 by (apache2:26709) UID(0)
EUID(0), parent (init:1) UID(0) EUID(0)

Here apache2 crashes every time.

When I look at the processes I have:

1059 ?        S      0:07 /usr/sbin/apache2 -k start -D SSL -D PHP4
 3261 ?        S      0:00 /usr/sbin/apache2 -k start -D SSL -D PHP4
 8894 ?        S      0:00 /usr/sbin/apache2 -k start -D SSL -D PHP4
20371 ?        S      0:00 /usr/sbin/apache2 -k start -D SSL -D PHP4
 7448 ?        S      0:00 /usr/sbin/apache2 -k start -D SSL -D PHP4
 1537 ?        S      0:00 /usr/sbin/apache2 -k start -D SSL -D PHP4

All the child processes, but no apache2 parent process.

To restart apache2 I should do:

rm /var/run/apache2.pid
/etc/init.d/apache2 zap
killall apache2
/etc/init.d/apache2 start

This is a critical situation for logrotate.d/apache, which does a reload of the
server when the log rotation is finished.

There is a segmentation fault in the apache log but no further description.

I do a strace -o /root/strace.txt /etc/init.d/apache2 reload

I have the result attached to this bug.
https://www.zataz.net/docs/strace.txt

Does somebody have any info on how I can resolve this situation?

Thxs.

Regards.




Reproducible: Always
Steps to Reproduce:
1. emerge mod_php
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-04-11 13:58:30 UTC
security: i think this guy just needs to raise his limits yes?
i'm not certain so i pass it on to you.
Comment 2 Joshua Brindle (RETIRED) gentoo-dev 2004-04-11 14:53:59 UTC
Please paste your grsecurity and pax options from your kernel config 
Comment 3 Romang 2004-04-12 04:02:03 UTC
Hi,

Here is the grsec config:

#
# Grsecurity
#
CONFIG_GRKERNSEC=y
CONFIG_CRYPTO=y
CONFIG_CRYPTO_SHA256=y
# CONFIG_GRKERNSEC_LOW is not set
# CONFIG_GRKERNSEC_MID is not set
# CONFIG_GRKERNSEC_HI is not set
CONFIG_GRKERNSEC_CUSTOM=y

#
# Address Space Protection
#
# CONFIG_GRKERNSEC_PAX_NOEXEC is not set
CONFIG_GRKERNSEC_PAX_ASLR=y
CONFIG_GRKERNSEC_PAX_RANDKSTACK=y
CONFIG_GRKERNSEC_PAX_RANDUSTACK=y
CONFIG_GRKERNSEC_PAX_RANDMMAP=y
# CONFIG_GRKERNSEC_KMEM is not set
# CONFIG_GRKERNSEC_IO is not set
CONFIG_GRKERNSEC_PROC_MEMMAP=y
CONFIG_GRKERNSEC_HIDESYM=y

#
# ACL options
#
CONFIG_GRKERNSEC_ACL_HIDEKERN=y
CONFIG_GRKERNSEC_ACL_MAXTRIES=3
CONFIG_GRKERNSEC_ACL_TIMEOUT=30

#
# Filesystem Protections
#
CONFIG_GRKERNSEC_PROC=y
CONFIG_GRKERNSEC_PROC_USER=y
CONFIG_GRKERNSEC_PROC_ADD=y
# CONFIG_GRKERNSEC_LINK is not set
# CONFIG_GRKERNSEC_FIFO is not set
CONFIG_GRKERNSEC_CHROOT=y
CONFIG_GRKERNSEC_CHROOT_MOUNT=y
CONFIG_GRKERNSEC_CHROOT_DOUBLE=y
CONFIG_GRKERNSEC_CHROOT_PIVOT=y
CONFIG_GRKERNSEC_CHROOT_CHDIR=y
CONFIG_GRKERNSEC_CHROOT_CHMOD=y
CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
CONFIG_GRKERNSEC_CHROOT_MKNOD=y
CONFIG_GRKERNSEC_CHROOT_SHMAT=y
CONFIG_GRKERNSEC_CHROOT_UNIX=y
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
CONFIG_GRKERNSEC_CHROOT_NICE=y
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
CONFIG_GRKERNSEC_CHROOT_CAPS=y

#
# Kernel Auditing
#
CONFIG_GRKERNSEC_AUDIT_GROUP=y
CONFIG_GRKERNSEC_AUDIT_GID=407
CONFIG_GRKERNSEC_EXECLOG=y
CONFIG_GRKERNSEC_RESLOG=y
CONFIG_GRKERNSEC_CHROOT_EXECLOG=y
CONFIG_GRKERNSEC_AUDIT_CHDIR=y
CONFIG_GRKERNSEC_AUDIT_MOUNT=y
CONFIG_GRKERNSEC_AUDIT_IPC=y
CONFIG_GRKERNSEC_SIGNAL=y
CONFIG_GRKERNSEC_FORKFAIL=y
CONFIG_GRKERNSEC_TIME=y

#
# Executable Protections
#
# CONFIG_GRKERNSEC_EXECVE is not set
CONFIG_GRKERNSEC_DMESG=y
CONFIG_GRKERNSEC_RANDPID=y
# CONFIG_GRKERNSEC_TPE is not set

#
# Network Protections
#
CONFIG_GRKERNSEC_RANDNET=y
CONFIG_GRKERNSEC_RANDISN=y
CONFIG_GRKERNSEC_RANDID=y
CONFIG_GRKERNSEC_RANDSRC=y
CONFIG_GRKERNSEC_RANDRPC=y
# CONFIG_GRKERNSEC_SOCKET is not set

#
# Sysctl support
#
CONFIG_GRKERNSEC_SYSCTL=y

#
# Logging options
#
CONFIG_GRKERNSEC_FLOODTIME=30
CONFIG_GRKERNSEC_FLOODBURST=4

Here is my sysctl.conf:

#
# Grsecurity sysctl
#

# grsec sysctl logging

kernel.grsecurity.audit_group = 1
kernel.grsecurity.audit_gid = 407
kernel.grsecurity.exec_logging = 1
kernel.grsecurity.chroot_execlog = 1
kernel.grsecurity.audit_chdir = 1
kernel.grsecurity.audit_mount = 1
kernel.grsecurity.audit_ipc = 1
kernel.grsecurity.signal_logging = 1
kernel.grsecurity.forkfail_logging = 1
kernel.grsecurity.timechange_logging = 1

# grsec sysctl filesystem

kernel.grsecurity.chroot_deny_sysctl = 1
kernel.grsecurity.chroot_caps = 1
kernel.grsecurity.chroot_execlog = 1
kernel.grsecurity.chroot_restrict_nice = 1
kernel.grsecurity.chroot_deny_mknod = 1
kernel.grsecurity.chroot_deny_chmod = 1
kernel.grsecurity.chroot_enforce_chdir = 1
kernel.grsecurity.chroot_deny_pivot = 1
kernel.grsecurity.chroot_deny_chroot = 1
kernel.grsecurity.chroot_deny_fchdir = 1
kernel.grsecurity.chroot_deny_mount = 1
kernel.grsecurity.chroot_deny_unix = 1
kernel.grsecurity.chroot_deny_shmat = 1
kernel.grsecurity.chroot_findtask = 1

kernel.grsecurity.execve_limiting = 1

kernel.grsecurity.rand_pids = 1
kernel.grsecurity.rand_ip_ids = 1
kernel.grsecurity.rand_tcp_src_ports = 1
kernel.grsecurity.rand_isns = 1
kernel.grsecurity.rand_rpc = 1

kernel.grsecurity.dmesg = 1
kernel.grsecurity.grsec_lock = 1

Before, I had mod_php 4.3.4 and apache2 and everything was working fine;
this problem only happened on the update to mod_php 4.3.6.

Regards.
Comment 4 Joshua Brindle (RETIRED) gentoo-dev 2004-04-12 22:16:20 UTC
I installed apache-2.0.49, mod_php-4.3.6_rc2 and grsec with the same options as you and can't reproduce this. 

Try updating your kernel to the latest hardened or grsec-sources first, if that doesn't help see if apache starts without php and if apache+php start without grsec
Comment 5 Romang 2004-04-13 00:21:47 UTC
Hello,

Maybe it also comes from the update of:

dev-util/yacc-1.9.1-r2 [1.9.1-r1]

which was before mod_php?

Regards
Comment 6 Romang 2004-04-13 17:00:30 UTC
Hello,

So I have updated my kernel to 2.4.25.

When I do the same manipulation on apache with mod_php and grsec
I have:

/etc/init.d/apache2 start [OK]

everything is ok

zataz conf # /etc/init.d/apache2 reload
 * Restarting apache2... [ ok ]
zataz conf #
Message from syslogd@zataz at Wed Apr 14 01:36:14 2004 ...
zataz kernel: grsec: From 213.166.56.12: signal 11 sent to (apache2:10931) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Message from syslogd@zataz at Wed Apr 14 01:36:14 2004 ...
zataz kernel: grsec: From 213.166.56.12: signal 11 sent to (apache2:10931) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Message from syslogd@zataz at Wed Apr 14 01:36:14 2004 ...
zataz kernel: grsec: From 213.166.56.12: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by (apache2:10931) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

and the same problem: apache child processes are present, but no parent.

The same error if I do /etc/init.d/apache2 stop


Now apache2 without mod_php:

/etc/conf.d/apache2

APACHE2_OPTS="-D SSL"

zataz conf.d # /etc/init.d/apache2 stop
 * Stopping apache2... [ ok ]
zataz conf.d # /etc/init.d/apache2 start
 * Starting apache2... [ ok ]
zataz conf.d # /etc/init.d/apache2 reload
 * Restarting apache2... [ ok ]

No problem starting apache without mod_php.

Now the test with a kernel without grsec and apache2 with mod_php:

zataz conf.d # /etc/init.d/apache2 stop
 * Stopping apache2... [ ok ]
zataz conf.d # /etc/init.d/apache2 start
 * Starting apache2... [ ok ]
zataz conf.d # /etc/init.d/apache2 reload
 * Restarting apache2... [ ok ]

I have no problem if I deactivate grsec.

Any idea ?

Regards.
Comment 7 Romang 2004-04-15 06:59:08 UTC
Hello,

More information:

I have installed a new server with kernel-2.4.24-r1 hardened [hardened-sources].
I have installed apache2 [2.0.49] and mod_php [3.4.6RC2].

my /etc/conf.d/apache2

APACHE2_OPTS="-D PHP4"
STARTUPERRORLOG="/var/log/apache2/startuperror.log"
PIDFILE=/var/run/apache2.pid
RESTARTSTYLE="graceful"

If i do :

* /etc/init.d/apache2 start [OK]

12127 ?        S      0:00 /usr/sbin/apache2 -k start -D PHP4 -E /var/log/apache2/startuperror.log -E /var/log/apache2/startuperror.log
29417 ?        S      0:00  \_ /usr/sbin/apache2 -k start -D PHP4 -E /var/log/apache2/startuperror.log -E /var/log/apache2/startuperror.log
27472 ?        S      0:00  \_ /usr/sbin/apache2 -k start -D PHP4 -E /var/log/apache2/startuperror.log -E /var/log/apache2/startuperror.log
 5079 ?        S      0:00  \_ /usr/sbin/apache2 -k start -D PHP4 -E /var/log/apache2/startuperror.log -E /var/log/apache2/startuperror.log
12146 ?        S      0:00  \_ /usr/sbin/apache2 -k start -D PHP4 -E /var/log/apache2/startuperror.log -E /var/log/apache2/startuperror.log
18765 ?        S      0:00  \_ /usr/sbin/apache2 -k start -D PHP4 -E /var/log/apache2/startuperror.log -E /var/log/apache2/startuperror.log
19557 ?        S      0:00  \_ /usr/sbin/apache2 -k start -D PHP4 -E /var/log/apache2/startuperror.log -E /var/log/apache2/startuperror.log
22687 ?        S      0:00  \_ /usr/sbin/apache2 -k start -D PHP4 -E /var/log/apache2/startuperror.log -E /var/log/apache2/startuperror.log

cat /var/run/apache2.pid 12127

* /etc/init.d/apache2 stop [OK]

cat: /var/run/apache2.pid: No such file or directory

* /etc/init.d/apache2 reload [OK]

No more apache processes in ps; apache has not reloaded,
and I have a:

cat /var/run/apache2.pid 32118

Here on this server I don't have the resource overstep error message,
but apache still fails to run properly!!

Any idea ?

Regards.


Comment 8 Joshua Brindle (RETIRED) gentoo-dev 2004-04-15 07:14:26 UTC
what is in the apache error log file?
Comment 9 Romang 2004-04-15 11:17:38 UTC
Hi,

In my apache error_log I have :

[Thu Apr 15 20:04:47 2004] [notice] Graceful restart requested, doing restart
[Thu Apr 15 20:04:47 2004] [notice] seg fault or similar nasty error detected in the parent process

And this is on the first server I spoke about, and on the second one.

We have 15 servers under Gentoo; we have stopped upgrading until we find the solution to this problem.

Any idea ?

Regards

Comment 10 Romang 2004-04-15 11:20:00 UTC
Sorry,

I forgot to say, we have this error on:

* kernel 2.4.25 without grsec (the first server, i have shutdown grsec)
* kernel 2.4.24-r1 with grsec and hardened

Regards
Comment 11 Romang 2004-04-16 08:53:05 UTC
Hello,

On the new server I now have the same error message in /var/log/kernel.log

Apr 16 11:22:55 bandwidth kernel: grsec: From 192.168.1.29: signal 11
sent to /usr/sbin/apache2[apache2:14636] uid/euid:0/0 gid/egid:0/0,
parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Comment 12 Joshua Brindle (RETIRED) gentoo-dev 2004-04-16 10:33:29 UTC
from http://forums.grsecurity.net/viewtopic.php?t=321&highlight=attempted+resource+overstep+rlimitcore

might have some relevant info.. it appears to be a configuration problem
Comment 13 Thomas Petersen 2004-04-19 04:05:29 UTC
I have recently installed a new server with apache 2.0.49 and mod_php 4.3.6 rc2.
I don't use grsecurity but I think I have some of the same problems.
Whenever I want to reload apache it crashes with sigsegv.
The problem is easy to reproduce. Start apache with "apache2 -D PHP4" and then send a sighup to the apache2 parent process. Apache dies and in its error_log it says:
[Mon Apr 19 12:02:39 2004] [notice] SIGHUP received.  Attempting to restart
[Mon Apr 19 12:02:40 2004] [notice] seg fault or similar nasty error detected in the parent process

When apache is started without PHP support (start without -D PHP4) there is no problem reloading apache.

I have tried attaching gdb to the apache parent process. It gives the following:
(a lot of startup output cut away)
Reading symbols from /usr/lib/php/extensions/no-debug-non-zts-20020429/mmcache.so...done.
Loaded symbols for /usr/lib/php/extensions/no-debug-non-zts-20020429/mmcache.so
Reading symbols from /usr/lib/php/extensions/no-debug-non-zts-20020429/java.so...done.
Loaded symbols for /usr/lib/php/extensions/no-debug-non-zts-20020429/java.so
0x404893d2 in select () from /lib/libc.so.6
(gdb) cont
Continuing.

Program received signal SIGHUP, Hangup.
[Switching to Thread 16384 (LWP 31925)]
0x404893d2 in select () from /lib/libc.so.6
(gdb) cont
Continuing.

Program received signal SIGHUP, Hangup.
0x403e5051 in kill () from /lib/libc.so.6
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x406f244e in zif_preg_grep () from /usr/lib/apache2/extramodules/libphp4.so
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x406f244e in zif_preg_grep () from /usr/lib/apache2/extramodules/libphp4.so
(gdb) cont
Continuing.
Cannot find user-level thread for LWP 31925: generic error
(gdb)

I use turck-mmcache but it doesn't help to remove it (that was my first thought).
Not all installations have this problem. I think it depends on the USE flags used. Here is my "emerge info":
Portage 2.0.50-r5 (default-x86-1.4, gcc-3.3.2, glibc-2.3.2-r9, 2.4.20-gentoo-r9)
=================================================================
System uname: 2.4.20-gentoo-r9 i686 Intel(R) Pentium(R) 4 CPU 2.40GHz
Gentoo Base System version 1.4.3.13
distcc 2.13 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
Autoconf: sys-devel/autoconf-2.58-r1
Automake: sys-devel/automake-1.8.3
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -mcpu=pentium4 -march=pentium4 -funroll-loops -fprefetch-loop-arrays -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O3 -mcpu=pentium4 -march=pentium4 -funroll-loops -fprefetch-loop-arrays -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox"
GENTOO_MIRRORS="http://mirror.pudas.net/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://mirror.pudas.net/gentoo-portage"
USE="X Xaw3d aalib alsa apm arts avi berkdb cdr crypt cups curl dga dvd encode esd foomaticdb gd gdbm gif gnome gph gpm gtk gtk2 gtkhtml imap imlib innodb java jpeg kde ldap libg++ libwww mad mikmod motif mozilla mpeg mysql nas ncurses nls oggvorbis opengl oss pam pcmcia pda pdflib perl png pnp postgres python qt quicktime readline samba sdl slang snmp spell ssl svga tcltk tcpd tetex tiff truetype trusted usb wmf x86 xinerama xml xml2 xmms xosd xv zlib"

I have another machine which doesn't have this problem. It has very similar hardware but it uses slightly different use flags:
Portage 2.0.50-r6 (default-x86-1.4, gcc-3.3.2, glibc-2.3.2-r9, 2.6.1)
=================================================================
System uname: 2.6.1 i686 Intel(R) Pentium(R) 4 CPU 2.40GHz
Gentoo Base System version 1.4.9
distcc 2.13 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
Autoconf: sys-devel/autoconf-2.58-r1
Automake: sys-devel/automake-1.8.3
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -march=pentium4 -funroll-loops -fprefetch-loop-arrays -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O3 -march=pentium4 -funroll-loops -fprefetch-loop-arrays -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs buildpkg ccache sandbox"
GENTOO_MIRRORS="ftp://trumpetti.atm.tut.fi/gentoo/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow X a aalib acl acpi alsa ap apache2 apm arts avi berkdb cdr crypt cups curl dga dvd encode esd fbcon flash foomaticdb gb gd gdbm ggi gif gnome gphoto2 gpm gps gstreamer gtk gtk2 icc im imlib innodb java jpeg kde libg++ libwww lirc mad maildir mbox mikmod ml mmx motif mozila mpeg mys mysql ncurses nls odc oggvorbis opengl oss pcmcia pdflib perl png pnp ppds python ql qt quicktime readline samb sasl scanner sdl slang spell ssl svga tcltk tcpd tetex tiff truetype trusted usb videos wmf x x86 xml2 xmms xosd xv zlib"
Comment 14 Joshua Brindle (RETIRED) gentoo-dev 2004-04-19 04:46:48 UTC
Well, that last comment is definitely a php bug. The reporter of this bug is having problems with a sig 11; the resource overstep is a result of the sig 11 (it's trying to dump its core but RLIMIT_CORE is set to 0). The sig11 is the actual problem that is killing the app. grsecurity will never send a sig11 to an app but it could be caused by PaX. Try disabling pax on the apache binary by emerging paxctl and then doing this command:

paxctl -zpemrxs `which apache2`
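
The correlation described in Comment 14, as an added example that is not part of the thread and is not grsecurity or Gentoo code: it groups grsec log events by process so that an RLIMIT_CORE overstep following a fatal signal is reported as a side effect of the crash rather than as a separate limit problem. The function name `triage`, the verdict strings and the sample lines are assumptions; the samples are constructed in the two log formats quoted in this bug, with documentation addresses, and the RLIMIT_NOFILE line is invented to show a real limit hit.

```python
import re

# grsec prints a process as "(comm:pid)" in its older log format and as
# "/path/to/binary[comm:pid]" in the newer one; both appear in this bug.
PROC = r"[^\s(\[]*[(\[](?P<comm>[^:()\[\]]+):(?P<pid>\d+)[)\]]"
SIGNAL_RE = re.compile(r"grsec: (?:From \S+: )?signal (?P<sig>\d+) sent to " + PROC)
OVERSTEP_RE = re.compile(
    r"grsec: (?:From \S+: )?attempted resource overstep by requesting "
    r"(?P<req>\d+) for (?P<res>RLIMIT_\w+) against limit (?P<limit>\d+) by " + PROC
)
# Signals whose default action is "terminate and dump core" (Linux x86 numbers).
CORE_SIGNALS = {4: "SIGILL", 6: "SIGABRT", 7: "SIGBUS", 8: "SIGFPE", 11: "SIGSEGV"}

# Constructed sample lines (not copied from a live system).
SAMPLE = [
    "Apr 14 01:36:14 zataz kernel: grsec: From 192.0.2.10: signal 11 sent to "
    "(apache2:10931) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)",
    "Apr 14 01:36:14 zataz kernel: grsec: From 192.0.2.10: signal 11 sent to "
    "(apache2:10931) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)",
    "Apr 14 01:36:14 zataz kernel: grsec: From 192.0.2.10: attempted resource "
    "overstep by requesting 4096 for RLIMIT_CORE against limit 0 by "
    "(apache2:10931) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)",
    "Apr 16 11:22:55 bandwidth kernel: grsec: From 192.0.2.29: signal 11 sent to "
    "/usr/sbin/apache2[apache2:14636] uid/euid:0/0 gid/egid:0/0, "
    "parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0",
    "Apr 16 11:30:02 bandwidth kernel: grsec: From 192.0.2.29: attempted resource "
    "overstep by requesting 1025 for RLIMIT_NOFILE against limit 1024 by "
    "/usr/local/bin/worker[worker:2201] uid/euid:1000/1000 gid/egid:1000/1000, "
    "parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0",
]


def triage(lines):
    """Group grsec signal/overstep events per (comm, pid) and classify them."""
    procs = {}
    for line in lines:
        sig, over = SIGNAL_RE.search(line), OVERSTEP_RE.search(line)
        m = sig or over
        if m is None:
            continue  # not a grsec signal or overstep line
        key = (m["comm"], int(m["pid"]))
        rec = procs.setdefault(key, {"signals": [], "oversteps": []})
        if sig:
            rec["signals"].append(int(sig["sig"]))
        else:
            rec["oversteps"].append((over["res"], int(over["req"]), int(over["limit"])))

    report = []
    for (comm, pid), rec in procs.items():
        fatal = sorted({CORE_SIGNALS[s] for s in rec["signals"] if s in CORE_SIGNALS})
        core_blocked = any(res == "RLIMIT_CORE" for res, _, _ in rec["oversteps"])
        # After a fatal signal the RLIMIT_CORE overstep is only the kernel's
        # refused core dump, so it is not counted as a limit problem.
        limits = [o for o in rec["oversteps"] if not (fatal and o[0] == "RLIMIT_CORE")]
        if fatal and core_blocked:
            verdict = "crash, core dump blocked"
        elif fatal:
            verdict = "crash"
        elif limits:
            verdict = "limit hit"
        else:
            verdict = "other"
        report.append({"comm": comm, "pid": pid, "fatal": fatal,
                       "signal_events": len(rec["signals"]),
                       "limits": limits, "verdict": verdict})
    return report


if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(f'{row["comm"]}[{row["pid"]}]: {row["verdict"]} '
              f'signals={row["fatal"]} limits={row["limits"]}')
```

For the first process the report points at the segfault as the thing to debug; raising RLIMIT_CORE would only let the core file be written for that debugging.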
Comment 15 Romang 2004-04-19 07:48:31 UTC
Hello,

I have applied: paxctl -zpemrxs `which apache2`

But if I do /etc/init.d/apache2 reload

zataz root # 
Message from syslogd@zataz at Mon Apr 19 16:46:03 2004 ...
zataz kernel: grsec: From 80.92.64.98: signal 11 sent to (apache2:13795) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Message from syslogd@zataz at Mon Apr 19 16:46:03 2004 ...
zataz kernel: grsec: From 80.92.64.98: signal 11 sent to (apache2:13795) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

Message from syslogd@zataz at Mon Apr 19 16:46:03 2004 ...
zataz kernel: grsec: From 80.92.64.98: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by (apache2:13795) UID(0) EUID(0), parent (init:1) UID(0) EUID(0)

same problem.
Comment 16 Joshua Brindle (RETIRED) gentoo-dev 2004-04-19 08:08:45 UTC
strace apache2 with -fF so that we can see the forks
your original strace didn't include the crash because it was just the parent
Comment 17 Romang 2004-04-19 08:21:59 UTC
Hi,

strace -Ff -o /root/apache2.txt /etc/init.d/apache2 reload

The strace is accessible in :

http://www.zataz.net/docs/apache2.txt

Regards.

Comment 18 Alexander Kreuzer 2004-04-19 12:31:52 UTC
Hi,

I don't use grsec but I had the same problem (using php 4.3.6rc2 and 4.3.6)

These reports might have some more information:
http://issues.apache.org/bugzilla/show_bug.cgi?id=28086
http://bugs.php.net/bug.php?id=27810

At least installing php 4.3.6 with the patch from
http://www.apache.org/~jorton/php-4.3.6-pcrealloc.patch
fixes the problem for me

Regards
Comment 19 Romang 2004-04-19 13:28:11 UTC
Hi,

Thanks for this report on the other people who have this problem ;)
I thought that I was alone in having it.

Maybe Gentoo is going to include this patch in portage?

What could be cool, next time, is to not put an RC php into stable :)
The ebuild maintainers should wait longer before releasing a new version of software for critical applications. If there are security holes, I understand releasing a new version quickly.

I can offer you my contribution on apache, mod_php and other apache modules.
I have many servers to test different situations.

Regards
Comment 20 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-04-19 13:58:32 UTC
romang: 4.3.5 contained some much needed fixes for cli php, so it was fast-tracked to stable after we personally tested it, and then later issues came up with certain configurations so php-4.3.6_rc2 which fixed them was put in, followed by 4.3.6 final on release (because i don't like having rc's in the stable tree myself, except where necessary). I'll put the pcrealloc patch in when I get home in 2-3 hours.
Comment 21 Romang 2004-04-20 12:52:41 UTC
Hi,

Still waiting for the patch, any trouble?

Regards.
Comment 22 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-04-20 17:38:02 UTC
ok, the fix is in the tree now, please check that it works.
Comment 23 Romang 2004-04-21 00:05:23 UTC
Hi,

I have tested the patch: emerge mod_php

>>> md5 src_uri ;-) php-4.3.6-pcrealloc.patch

/etc/init.d/apache2 start OK
/etc/init.d/apache2 restart (Stopping and starting ok) OK
/etc/init.d/apache2 reload OK
and no more apache2 SIG 11 ;)

Yes the patch is OK.

What I propose is to test this patch for two or three days
and give you back information before closing this bug?

--------------------------------
--------------------------------

But some things have changed:

<<<        obj /usr/bin/pear

Why is /usr/sbin/pear out ?

I have tested in: emerge php

This error :

zataz root # pear upgrade-all
PHP Warning:  Unknown(): Unable to load dynamic library '/usr/lib/php/extensions/no-debug-non-zts-20020429/java.so' - /usr/lib/php/extensions/no-debug-non-zts-20020429/java.so: cannot open shared object file: No such file or directory in Unknown on line 0
But all the packages are upgraded normally. I have -java in my make.conf

Maybe should be posted in a new bug ?

One more time thanks for your help ;)

Regards
Comment 24 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-04-21 11:13:31 UTC
for /usr/bin/pear moving, it's because it's been mistakenly provided with dev-php/mod_php, dev-php/php-cgi while it should only be with dev-php/php, as it needs the PHP cli binary to run.

as for the java, check your /etc/php/cli-php4/php.ini for any java stuff.
Comment 25 solar (RETIRED) gentoo-dev 2004-04-21 11:33:22 UTC
This does not appear to be a hardened bug per se.
Reassign bug
- hardened@gentoo.org
+ robbat2@gentoo.org
If this is incorrect then please assign it back.
Comment 26 Romang 2004-04-21 23:51:53 UTC
Hello,

Everything works fine now :)
The log rotate has been completed normally with /etc/init.d/apache2 reload.

So the server doesn't crash anymore.

We could consider this ticket closed.

Thxs for your help.

Regards.
Comment 27 Priit Laes (IRC: plaes) 2004-05-03 04:37:35 UTC
Ok.. had to mentor a friend who had the same problem... 
He uses stable system (x86) without ~.
So 4.3.6_rc2 is latest stable...
All bugfixed ones are set unstable...