Jungle Disk
-
- Forum User
- Posts: 40
- Joined: Thu Feb 26, 2009 6:50 pm
Jungle Disk
Hi folks,
I have a client who backs up to Jungle Disk and although they have other servers running ASL and Jungle Disk without a problem we have a new server which despite having a very vanilla configuration doesn't seem to allow the jungle disk server process to run properly. The /var/log/messages log file contains the following when I start the service...
Dec 21 17:09:34 london03 kernel: junglediskserve[15973]: segfault at 48 ip a5b9496e sp bfcba0d0 error 4 in libpthread-2.5.so[a5b8e000+15000]
Dec 21 17:09:34 london03 kernel: grsec: From 88.xx.xx.xx: Segmentation fault occurred at 00000048 in /usr/local/bin/junglediskserver[junglediskserve:15973] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Dec 21 17:09:34 london03 kernel: grsec: From 88.xx.xx.xx: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/local/bin/junglediskserver[junglediskserve:15973] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Now I can see that this is because there is a segfault but I want to make sure that this is a problem with JD before submitting a ticket to them. Any ideas or thoughts?
The ip address is the one I am SSH'd to the box from.
Cheers
George
I have a client who backs up to Jungle Disk and although they have other servers running ASL and Jungle Disk without a problem we have a new server which despite having a very vanilla configuration doesn't seem to allow the jungle disk server process to run properly. The /var/log/messages log file contains the following when I start the service...
Dec 21 17:09:34 london03 kernel: junglediskserve[15973]: segfault at 48 ip a5b9496e sp bfcba0d0 error 4 in libpthread-2.5.so[a5b8e000+15000]
Dec 21 17:09:34 london03 kernel: grsec: From 88.xx.xx.xx: Segmentation fault occurred at 00000048 in /usr/local/bin/junglediskserver[junglediskserve:15973] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Dec 21 17:09:34 london03 kernel: grsec: From 88.xx.xx.xx: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/local/bin/junglediskserver[junglediskserve:15973] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Now I can see that this is because there is a segfault but I want to make sure that this is a problem with JD before submitting a ticket to them. Any ideas or thoughts?
The ip address is the one I am SSH'd to the box from.
Cheers
George
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: Jungle Disk
I recently had a problem with CouchDB not starting on the ASL kernel. I got nothing more than a "denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0" message in /var/log/messages. It turned out that I needed to run execstack -c on the Erlang beam.smp binary. Because RWXMAP_LOGGING is disabled by default I wasn't seeing the "denied RWX mmap" message, which would have helped finding the cause. See here for the thread: https://www.atomicorp.com/forum/viewtop ... f=3&t=5601
So, you could try enabling RWXMAP_LOGGING in /etc/asl/config, run 'asl -s -f' and check /var/log/messages again after trying to start the program.
So, you could try enabling RWXMAP_LOGGING in /etc/asl/config, run 'asl -s -f' and check /var/log/messages again after trying to start the program.
Lemonbit Internet Dedicated Server Management
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: Jungle Disk
Keep in mind if your kernel is locked, to turn on rwx logging will also require a reboot.
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
-
- Forum User
- Posts: 40
- Joined: Thu Feb 26, 2009 6:50 pm
Re: Jungle Disk
Ah ok, so after changing the default of RWXMAP_LOGGING=no to yes but without rebooting there's no change.
I'll need to schedule a reboot of the machine which should be easier over the holidays.
Thanks for the suggestion breun, and thanks for clarifying mike
I'll need to schedule a reboot of the machine which should be easier over the holidays.
Thanks for the suggestion breun, and thanks for clarifying mike
-
- Long Time Forum Regular
- Posts: 2813
- Joined: Sat Aug 20, 2005 9:30 am
- Location: The Netherlands
Re: Jungle Disk
I believe you'll also need to run 'asl -s -f'. (Mike, correct me if I'm wrong.)
So:
1. Change the setting in /etc/asl/config
2. Run 'asl -s -f'
3. Reboot
(Steps 1 and 2 could probably be replaced by changing the setting via the ASL web interface if you have that installed and prefer using a GUI.)
So:
1. Change the setting in /etc/asl/config
2. Run 'asl -s -f'
3. Reboot
(Steps 1 and 2 could probably be replaced by changing the setting via the ASL web interface if you have that installed and prefer using a GUI.)
Lemonbit Internet Dedicated Server Management
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: Jungle Disk
Yep, always run "asl -s -f" after you make any config changes. That sets the changes in the security policy.
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Jungle Disk
And you have to reboot because the kernel was already locked at S99.
-
- Forum User
- Posts: 40
- Joined: Thu Feb 26, 2009 6:50 pm
Re: Jungle Disk
Finally got round to rebooting this machine today - all seemed to do the trick! Thanks chaps.
Re: Jungle Disk
Sorry to dig up an old thread, but I'm having the same issue right now trying to install JungleDisk with ASL installed - thought it best to carry on here as it was #1 in Google already.
My error is the very same:
I have already tried running `execstack -c /usr/local/bin/junglediskserver` and RWXMAP_LOGGING was already set to yes.
This segfault only occurs on install (or reinstall).
Restarting the junglediskserver service just gives the following error:
I have been in touch with JungleDisk and everything is in order with the account and licence.xml file.
Any ideas?
My error is the very same:
Code: Select all
Jun 8 13:18:03 server kernel: junglediskserve[3233]: segfault at 2d0 ip 0000035d03bfd143 sp 000003e7285d1ea0 error 4 in libpthread-2.12.so[35d03bf5000+17000]
Jun 8 13:18:03 server kernel: grsec: From x.x.x.x: Segmentation fault occurred at 00000000000002d0 in /usr/local/bin/junglediskserver.#prelink#.Z7F7Ec[junglediskserve:3233] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jun 8 13:18:03 server kernel: grsec: From x.x.x.x: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/local/bin/junglediskserver.#prelink#.Z7F7Ec[junglediskserve:3233] uid/euid:0/0 gid/egid:0/0, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
Jun 8 13:18:09 server junglediskserver: Connected to gateway.
Jun 8 13:18:09 server junglediskserver: Jungle Disk Server Edition has not been configured.
This segfault only occurs on install (or reinstall).
Restarting the junglediskserver service just gives the following error:
Code: Select all
Jun 8 13:23:31 devontos0 junglediskserver: Connected to gateway.
Jun 8 13:23:31 devontos0 junglediskserver: Jungle Disk Server Edition has not been configured.
Any ideas?
-
- Forum User
- Posts: 40
- Joined: Thu Feb 26, 2009 6:50 pm
Re: Jungle Disk
@chrismcb did you restart the box too?
Re: Jungle Disk
Yes, server has been rebooted.ghazlewood wrote:@chrismcb did you restart the box too?
RWXMAP_LOGGING was already enabled from a fresh install of ASL.
The funny thing is that the segfault is only on install, not every time the service is started/restarted.
Using the debug command:
Code: Select all
/usr/local/bin/junglediskserver -d
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: Jungle Disk
strace your application, thats always a good way to find out why an application isnt starting, no matter what kernel you are using.
strace -fF whatever_your_apps_start_command_is
strace -fF whatever_your_apps_start_command_is
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: Jungle Disk
Thanks... I have ran the trace and saw a few "no such file or directory" errors.
I'm wondering if, due to the segfaults happening at install, that the program hasn't been installed correctly and ASL is blocking the install - rather than the execution?
Never used the strace facility, so attached the file - in case it is clearer to anyone else.
Thanks
I'm wondering if, due to the segfaults happening at install, that the program hasn't been installed correctly and ASL is blocking the install - rather than the execution?
Never used the strace facility, so attached the file - in case it is clearer to anyone else.
Thanks
- Attachments
-
- trace.zip
- strace -fF -o trace.txt /usr/local/bin/junglediskserver
- (12.62 KiB) Downloaded 397 times
Re: Jungle Disk
Just a quick follow up on this from me.
The steps to get it installed correctly were:
The steps to get it installed correctly were:
- Download the RPM from the Jungledisk site
- yum install junglediskserver*
- killall junglediskserver
- paxctl -c /usr/local/bin/junglediskserver
- paxctl -m /usr/local/bin/junglediskserver
- Open ports 80 and 443 outbound
- Create /etc/jungledisk/junglediskserver-licence.xml file
- service junglediskserver start