Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Commands not completing with hardened kernel
View unanswered posts
View posts from last 24 hours

Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message

Joined: 20 Feb 2003
Posts: 59
Location: Wiltshire, UK

PostPosted: Sun Apr 12, 2015 1:58 pm    Post subject: Commands not completing with hardened kernel Reply with quote

Executive summary: Switched to hardened-sources and after about 24 hours commands wouldn't complete.


In an effort to improve security I recently switched my server from a normal kernel to hardened-sources-3.18.9. All seemed well for about 24 hours, my services ran fine, I could log and use emerge without any problems. Then suddenly I got a weird problem whereby the command prompt would not re-appear after a command was run. To be clear: I could still log in either on the console or via ssh. I would get a prompt after login and I might then type - for example - 'ls'. The ls command would run correctly, but no command prompt would appear afterwards. Ctrl-C and Ctrl-D made no difference. All my services still seemed to be running OK (nfsd, Asterisk, Apache, dns etc) although mythfrontend started to complain and my KVM VM was also still running OK. Finally I had to reboot back to a normal kernel.

I would like to go back to hardened if possible. Testing this issue is going to be a bit tricky as this is our main house server and any problems with it tend to produce domestic unhappiness! The delay between booting and seeing the problem is also a bit of an issue. If I set the machine running and go to work and then it packs in I could be in trouble (I can't do remote admin from work).

When choosing kernel settings I selected the following grsecurity options:
    Configuration Automatic
    Usage Server
    Virtualization Host
    Virtualization Hardware First-Gen
    Virtualization Software KVM
    Priorities Performance

The machine is an Athlon 64 3200+. My KVM client also runs the same hardened kernel, but obviously with some different options and it has worked just fine for ages.

Has anyone come across anything like this before?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum