Grsecurity compatible?

Hello,

I really can't say for sure. If it's designed to support other precompiled binaries withtout issue, then it should work fine. (ie, if you have programs that you don't need to recompile, da should work)

John
 
If you test this out and it works, please let me know. I'm interested in using this patch also.

I think I may attempt to install it on an old machine, but if you already have a box running with it, I won't waste my time.
 
On my first attempt, I got the new kernel and grsecurity patch running, but I encountered a few problems with critical system services.

One thing I did notice is that DirectAdmin was not affected at all. That's a good thing.

Once I figure out how to get around the problems I ran into, I'll let you know.
 
Hello,

The ulimit isn't too big of a deal. It just increases the # of allowed open files for apache. You could try removing the "-S" from the ulimit lines.. or even just remove the lines completely if you want.

John
 
With -S removed from the 4 ulimit lines in /etc/rc.d/init.d/httpd everything appears to be working.

The test system is now successfully running 2.4.24 w/ Grsecurity. :)

If other people test this on their system, please tell me and i'll update this list:

Confirmed RH + DA 2.4.24-grsec O/Ses

RedHat 8.0

If you'd like to test it out, please use this guide:

http://www.webhostingtalk.com/showthread.php?s=&threadid=226739&perpage=15&pagenumber=1

Thanks :)!
 
Please add:

Confirmed RH9 + DA + 2.4.25-grsec set to medium

It's been running on a production box for weeks now with no problems.

HTH,
Matt :)
 
Numerous systems running rh 7.X and 9 running perfect with DA also if you wish to add the 7.X
 
Back
Top