[tahoe-lafs-trac-stream] [tahoe-lafs] #982: grsec disallows tahoe from learning its own IP address
tahoe-lafs
trac at tahoe-lafs.org
Mon May 27 17:29:42 UTC 2013
#982: grsec disallows tahoe from learning its own IP address
-------------------------+----------------------------
Reporter: ioerror | Owner: warner
Type: defect | Status: new
Priority: minor | Milestone: undecided
Component: code | Version: 1.6.0
Resolution: | Keywords: security grsec
Launchpad Bug: |
-------------------------+----------------------------
Old description:
> I'm attempting to run Tahoe with a Linux kernel that uses grsec (2.6.32.9
> with the corresponding grsec patch).
>
> It appears that the high security mode of grsec is incompatible with
> Tahoe.
>
> Grsec disallows a resource overstep when Tahoe requests 4196256 for
> RLIMIT_CORE. To get Tahoe started, you'll need to add the following to
> the init.d script:
> {{{
> ulimit -c 4196256
> }}}
>
> Futhermore, it appears that Tahoe has an unhandled error when it cannont
> open /proc/net/dev (it's not there for normal users in high security
> mode). This causes Tahoe to call os.abort() and Tahoe fails to start.
New description:
I'm attempting to run Tahoe with a Linux kernel that uses grsec (2.6.32.9
with the corresponding grsec patch).
It appears that the high security mode of grsec is incompatible with
Tahoe.
Grsec disallows a resource overstep when Tahoe requests 4196256 for
RLIMIT_CORE. To get Tahoe started, you'll need to add the following to the
init.d script:
{{{
ulimit -c 4196256
}}}
Futhermore, it appears that Tahoe has an unhandled error when it cannont
open /proc/net/dev (it's not there for normal users in high security
mode). This causes Tahoe to call os.abort() and Tahoe fails to start.
--
Comment (by zooko):
See #1988.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/982#comment:10>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list