-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, Are any of you using the grsecurity kernel patch? I'm just trying to teach myself how to use it. It's pretty neat. YaST is doing somethign which it considers dangerous, because it kills it: Jul 5 01:01:04 ccs001 kernel: grsec: signal 11 sent to (y2base:13088) UID(0) EUID(0), parent (y2base:15754) UID(0) EUID(0) That happened while trying to install new packages Yet I can install rpms by hand with no trouble. Before I go plauge the relatively small group of grsecurity folks, are there any SuSE user's of grsec that can give me basic tips, like what to do to allow YaST to work? Thanks. - -- - ---------------------------------------------------- Jonathan Wilson System Administrator Cedar Creek Software http://www.cedarcreeksoftware.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE9JTMeQ5u80xXOLBcRAtRQAJ9ilVyGJ/s/b4rp++xHCCUqGbGEEQCeJWZn gvrbObD4M/OPWA32qcMS0UQ= =sNrY -----END PGP SIGNATURE-----
Hello,
Are any of you using the grsecurity kernel patch?
I'm just trying to teach myself how to use it. It's pretty neat.
YaST is doing somethign which it considers dangerous, because it kills it:
Jul 5 01:01:04 ccs001 kernel: grsec: signal 11 sent to (y2base:13088) UID(0) EUID(0), parent (y2base:15754) UID(0) EUID(0)
That happened while trying to install new packages
Yet I can install rpms by hand with no trouble.
Before I go plauge the relatively small group of grsecurity folks, are
----- Original Message ----- From: "JW" <jw@centraltexasit.com> To: <suse-security@suse.com> Sent: Friday, July 05, 2002 6:48 AM Subject: [suse-security] GrSecurity and YaST there
any SuSE user's of grsec that can give me basic tips, like what to do to allow YaST to work?
I've used the grsecurity patch against a 2.4.18 kernel on SuSE 7.3. Applying at least the 50_TIOCGDEV-2.4.2pre1 patch from: ftp://ftp.suse.com/pub/people/mantel/next/ to the kernel is required to remove some serious warning messages, but some SuSE patches are problematic since they alter the same sections of the kernel as grsec. Mediating the changes by hand becomes non-trivial for any more than a few of the patches. I've meant to ask the list before if there is a breakdown available for the various SuSE patches into something like security related, optional and required, but did not get round to it. I've not experienced any problems running YaST, though. Perhaps you've been overzealous in your configuration of grsec? Dave Alfar Networks
participants (2)
-
Dave
-
JW