Xymon Mailing List Archive search

Hobbit Fetch mode + Grsec = error

2 messages in this thread

list L.M.J · Sat, 24 May 2008 19:15:45 +0200 · 
Hi,
 
  I have to face with a new issue today. I have a server directly connected at Internet with Iptables +
grsecurity. Since I do really care about it, I've installed my favorite monitoring tool ;) in fetch mode and
I'm trying to get information from a remote hobbit server. That's not the first time I'm doing this but this
time, my server can't fetch any data.
  After checked Iptables rules, telnet the remote port, checked logs on both side, I've found in the iptables
logs this : 

  May 24 19:03:26 h0stname kernel: grsec: From 86.122.23.141: denied resource overstep by requesting 1024 for
  RLIMIT_NOFILE against limit 1024 for /opt/hobbit-monitor/client/bin/msgcache[msgcache:16202]
  uid/euid:500/500 gid/egid:500/500, parent /opt/hobbit-monitor/client/bin/hobbitlaunch[hobbitlaunch:8855]
  uid/euid:500/500 gid/egid:500/500

  I used have some issue with my grsec kernel, especially on binaries. I had to "paxctl" them and the problem
was solved but I'm kinda stick on this one. 

  Anyone have an idea please ?

   Thanks by advance,

      LMJ
list L.M.J · Thu, 29 May 2008 20:07:09 +0200 · 
I heard the Hobbit server had an issue, I permit myself to send back this post. Thanks ;)

Le Sat, 24 May 2008 19:15:45 +0200,
quoted from L.M.J
"L.M.J" <user-78bb6d5d9024@xymon.invalid> a écrit :

Hi,
   I have to face with a new issue today. I have a server directly connected at Internet with Iptables +
grsecurity. Since I do really care about it, I've installed my favorite monitoring tool ;) in fetch mode and
I'm trying to get information from a remote hobbit server. That's not the first time I'm doing this but this
time, my server can't fetch any data.
  After checked Iptables rules, telnet the remote port, checked logs on both side, I've found in the
iptables logs this : 
  May 24 19:03:26 h0stname kernel: grsec: From 86.122.23.141: denied resource overstep by requesting 1024
for RLIMIT_NOFILE against limit 1024 for /opt/hobbit-monitor/client/bin/msgcache[msgcache:16202]
  uid/euid:500/500 gid/egid:500/500, parent /opt/hobbit-monitor/client/bin/hobbitlaunch[hobbitlaunch:8855]
  uid/euid:500/500 gid/egid:500/500

  I used have some issue with my grsec kernel, especially on binaries. I had to "paxctl" them and the
problem was solved but I'm kinda stick on this one. 
  Anyone have an idea please ?

   Thanks by advance,

      LMJ