I have a Xen guest which is having problems with nginx and grsec.
Worker processes for nginx fail when HTTP requests are made.

Each request leaves messages much like these:
[  800.424417] nginx[7540]: segfault at 8 ip 00000c513b8ba644 sp 00007138a2675300 error 4 in nginx[c513b882000+f0000]
[  800.424428] grsec: From 202.76.166.249: Segmentation fault occurred at 0000000000000008 in /usr/sbin/nginx[nginx:7540] uid/euid:102/102 gid/egid:247/247, parent /usr/sbin/nginx[nginx:7389] uid/euid:0/0 gid/egid:0/0
[  800.424435] grsec: From 202.76.166.249: bruteforce prevention initiated for the next 30 minutes or until service restarted, stalling each fork 30 seconds.  Please investigate the crash report for /usr/sbin/nginx[nginx:7540] uid/euid:102/102 gid/egid:247/247, parent /usr/sbin/nginx[nginx:7389] uid/euid:0/0 gid/egid:0/0
[  800.424441] grsec: From 202.76.166.249: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /usr/sbin/nginx[nginx:7540] uid/euid:102/102 gid/egid:247/247, parent /usr/sbin/nginx[nginx:7389] uid/euid:0/0 gid/egid:0/0

It would be great if someone could tell me what sysctl options or
kernel options I can change to fix this in the short term. It might
take me a while to understand the problem better and it would be good
to have the system running.

This system has changed recently from a VirtualBox guest to being a
Xen guest, so the kernel is built differently. I am using the
grsecurity defaults for a Xen guest with performance priorities. It
ran fine as a VirtualBox guest.

Let me know if you need more info.

-- 
www.johntate.org
