[rsbac] kernel oops accessing /dev/log

Vincent Danen vdanen at annvix.org
Thu Feb 9 02:29:34 CET 2006


* Vincent Danen <vdanen at annvix.org> [2006-02-08 18:15:50 -0700]:

> * Vincent Danen <vdanen at annvix.org> [2006-02-08 16:03:43 -0700]:
> 
> Just for some testing purposed, I first eliminated the changes from the
> openwall patch that touched socket.c, and still no dice.  Then I
> eliminated the openwall patch completely, and it's still causing a
> kernel oops.
> 
> I'm not sure what the problem here is, and am a bit lost on where to
> look.  I'm going to try and compile with RSBAC with debugging enabled to
> see if I can track this down further.
> 
> FWIW, I'm now seeing the problems in my vmware instance (did a fresh
> upgrade of Annvix, upgraded rsbac-admin and installed the kernel and now
> it's definitely showing up on a different system/config).

Ok, a bit more testing.  I just installed and started the mysql server
on a hunch and I get the same oops when doing an ls on the
/var/lib/mysql/mysql.sock file.

Strange thing is that I can connect to mysql via the unix socket using
mysqladmin and mysql programs:

Connection:		Localhost via UNIX socket

so there's something going on that's making it so that, for some reason,
the socket files can't be looked at (via ls) and can't be connected to
(via initlog for /dev/log) but can still be connected to via other
means (mysqladmin, mysql, even logger).

This is beyond bizarre.  Is this a configuration thing?  RSBAC is
essentially unconfigured beyond kernel compilation options.  Do I have
to somehow permit access to socket files?  Or is this a bug of some
sort?

Apparently I do have rsbac with debugging enabled and am not seeing
anything of interest (maybe I need to have this rklogd running or
something?).

I'm quite lost here.  Any help would be appreciated.

-- 
Annvix - Secure Linux Server: http://annvix.org/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C  A2BC 2EBC 5E32 FEE3 0AD4}
Wasting time like it was free...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://www.rsbac.org/pipermail/rsbac/attachments/20060208/61f4b1dd/attachment.bin


More information about the rsbac mailing list