[Dovecot] Dovecot will not run on secure kernel.

Timo Sirainen tss at iki.fi
Mon Jun 16 11:39:15 EEST 2003


On Sun, 2003-06-15 at 15:55, Ola Garstad wrote:
> I am trying to run Dovecot on RH 7.3 with Linux kernel 2.4.20 + GrSecurity patch.
> I downloaded the RPM yesterday and installed it.
> 
> When I start Dovecot the kernel reports: kernel: grsec: From 192.168.1.22: attempt to overstep process limit by (dovecot:14491) UID(0) EUID(0), parent (dovecot:23872) UID(0) EUID(0)

I thought v0.99.9 fixed this.. Unless grsec checks it now while trying
to set the limit. See if this helps:


diff -u -r1.10 main.c
--- src/login-common/main.c     27 Apr 2003 01:21:50 -0000      1.10
+++ src/login-common/main.c     16 Jun 2003 08:38:10 -0000
@@ -131,7 +131,7 @@
 static void drop_privileges(const char *name)
 {
        /* make sure we can't fork() */
-       restrict_process_size((unsigned int)-1, 0);
+       restrict_process_size((unsigned int)-1, 1);
 
        /* Log file or syslog opening probably requires roots */
        open_logfile(name);



More information about the dovecot mailing list