Linux-2.4.29-grsec vs Crossfire Server 1.7.0 & client 1I

Guest · Post by **Guest** » Thu Feb 10, 2005 6:35 am

Okay, I dropped iptables to make sure nothing there was causing an issue...

I start my server under: Linux-2.4.29-grsec computer. (thats the gr security kernel patch)
The client is of a similar system (slighty outdated) Linux-2.4.28-ow1 (thats openwall security patch)

Now as far as the problem, when the server is started: "crossfire -detach" everything works fine, all green in the /var/log/crossfire/* file. (running crossfire server 1.7.0)

When attempting to make a connection from the client machine, running crossfire gtk client 1.7.0, I enter in the private IP address: 10.10.10.213. Connection begins on client for a few seconds, then kills. (no connection established presented, but the hang is pretty obvious that something happened)

So, I walk into the other room were the "to be" dedicated server sits. (sorry guys this is a dedicated LAN server..) . I come to find the following message on my server's shell screen.

Code: Select all

grsec: From 10.10.10.195: attempted resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 by /usr/bin/crossfire[crossfire:15176] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0

The easy part is that the crossfire, server or client, has violated the systems security.

So if anybody can help me find where this problem actually is, as it may not be in the crossfire server or client itself. Advice on fixing anything would be very much appreciated.

woo · Post by **woo** » Thu Feb 10, 2005 6:57 am

As far as I'm aware this error is when a process tries to segfault and dump a core file - and RLIMIT prevents it.
So this would seem to be a symptom of a server crash - not actually the problem itself.

First place I would look for server crashes are your maps - are they in the right place, read permission - etc.

Guest · Post by **Guest** » Thu Feb 10, 2005 4:08 pm

yep that was the problem...I put the maps in the wrong location!
I had it in /var/crossfire/maps -- oop!

(crossfire was installed: --prefix=/usr --sysconfdir=/etc --localstatedir=/var)

so, I moved the maps to /usr/share/crossfire/maps and success.

I guess this is what happens...when you spend too much time building a scratch/LFS dist..

Basic · Post by **Basic** » Thu Feb 10, 2005 4:35 pm

As an aside, what distro are you using?

Mith · Post by **Mith** » Thu Feb 10, 2005 8:09 pm

Basic wrote:As an aside, what distro are you using?

Guest wrote:I guess this is what happens...when you spend too much time building a scratch/LFS dist..

it looks he uses LFS (Linux From Scratch) www.linuxfromscratch.org

Basic · Post by **Basic** » Fri Feb 11, 2005 3:40 am

Totally missed that. Didn't know there was a linux distro called "Scratch"

Mith · Post by **Mith** » Fri Feb 11, 2005 10:41 am

lol, i rather had to say: "he uses an LFS system" for there is no such thing as an LFS distribution.
LFS is not distributed, its just a huge list of commands and explanations how to make YourOwn distro using nothing but source (and some other distro to compile the source

)

woo · Post by **woo** » Fri Feb 11, 2005 2:16 pm

Yeah the small problem of I need a compiler to compile my compiler...
They have detaied instructions on how to setup static libraries to compile your own compiler/ibs and go from there.

Casper · Post by **Casper** » Fri Feb 11, 2005 2:26 pm

Yes, usually making a native compiler is a multi-stage thing.

1. Write a compiler for a subset of the language you want the compiler for in a language you have a compiler for. If you don't, write your compiler in assembly.

2. Using the subset supported by the compiler written in diferent language, write a compiler in the language you are making the compiler for that supports the full language.

3. Using full language rewrite the compiler in the language you are making.

4. Compile the full native compiler written using all features with the full native using a subset of the features.

5. Recompile.

yerp · Post by **yerp** » Mon Feb 14, 2005 4:58 am

Now that my registration has completed...
(I am the "guest" in the original post here.)

The Official Name for my personal Distribution would be Slightly Automated Linux From Scratch, for short Salfs.

For all practical purposes the easiest way is to use another distro, install to harddrive or LiveCD and use their compilers..etc..

But I find the term "scratch" to be misunderstood. It seems that most people who hear the word "scratch" seem to think I wrote the source for the entire system.....! And if that were the case, when would I get the time to...say...take a shower, let alone play crossfire??

All in all, one of my favorite reasons for using LFS, is optimizations.. -march=pentium4 or -march=athlon-xp and -O3. (or for small harddrives -Os)

And then, to make my life easier, I .tar.bz2 my latest version. So then I can copy & paste install AKA windows style installation.

woo wrote:Yeah the small problem of I need a compiler to compile my compiler...

I believe you can download a ISO bootable image with the 6.0 sources and everything on it from the site. that way you dont need anything on your harddrive. Compiler is on that bootable os.

If I could only learn how to do this myself (the bootable distro) I could make a portable crossfire server on a CD (& client) with the help of a usb thumb drive..