/etc/webmin/virtual-server/collectinfo.pl collector segfaults (?)

Hi again

As jamie indiacted I am opening another ticket to solve another strange error.

Description: The error is associated with: /etc/webmin/virtual-server/collectinfo.pl running from root cronjob I am getting hundreds of messages like: kernel: grsec: denied resource overstep by requesting 226050048 for RLIMIT_STACK against limit 8388608 for /usr/bin/dpkg-query[dpkg-query:8509] uid/euid:0/0 gid/egid:0/0, parent /bin/bash[sh:8508] uid/euid:0/0 gid/egid:0/0 (I am running a grsec enabled kernel obviously) It does NOT happen on every run but on most !!!

After MUCH debugging and enabling some syslog logging, I traced the insect back to the function:

sub open_execute_command

of file /usr/share/webmin/web-lib-funcs.pl

this command is trying to run the command

COLUMNS=1024 dpkg --list

and this produces the error !!! (In perl term is trying to run EXACTLY the following: return open(software::PKGINFO, "COLUMNS=1024 dpkg --list >$/dev/null |");

Any ideas of why this is happening ???

So Many thanks again Ioannis

Status: 
Active

Comments

Ooops my mistake....there is no dollar sign before /dev/null....the correct command is:

return open(software::PKGINFO, "COLUMNS=1024 dpkg --list > /dev/null |");

Ioannis

So if you SSH in as root and run the command :

COLUMNS=1024 dpkg --list

does it fail in that same way, or does it output a list of packages?

It does NOT fail from normal command prompt! It prints the package list ok! It fails only from inside the perl script, and not even on every run, but very often!

So if you disable grsec, does this error still happen?

Can you provide any resource how to do it? I have never done this before. I have tried read some resources but not fully understand what to do. Thanks

Grsecurity isn't something that's enabled by default on any of the supported distributions.

That would either need to be manually configured after installation, or something that's setup by your provider.

If it wasn't something you installed or configured, you may want to contact your provider to see if they have more details.

However, you could look at this tool here for some options in managing grsecurity:

https://en.wikibooks.org/wiki/Grsecurity/The_Administration_Utility