panic_action / ptrace: Operation not permitted

Stefan Winter stefan.winter at restena.lu
Tue Apr 1 11:36:04 CEST 2014 

Hi,

I'm currently configuring the shiny new panic_action handler on my 3.0.2
system.

The server runs as radiusd:radiusd. When I send it a kill -SEGV to try
the panic_action, the resulting log file tells me:

# cat gdb-radiusd-27780.log
Reading symbols from /usr/local/freeradius/3.0.2/sbin/radiusd...done.
Attaching to program: /usr/local/freeradius/3.0.2/sbin/radiusd, process
27780
ptrace: Operation not permitted.
//27780: No such file or directory.
/usr/local/freeradius/config/raddb/panic.gdb:1: Error in sourced command
file:
No frame selected.
(gdb) quit

The gdb session is started as radiusd (I guess; after all the running
process dropped its root priv right after starting).

So... I can't ptrace my own process? Why, thank you!

I ran the panic_action command-line as root on a running process - and
get the ptrace just fine.

I read up on this on Google, and found that this would typically be a
problem when using the "yama" security module, which I don't (there is
no /proc/sys/kernel/yama subdir).

This is a very recent system, openSUSE 13.1 with current patchlevel. The
kernel is the shipped SuSE-flavoured "default" kernel.

Before I dig into running a vanilla kernel to see if there's SUSE magic
happening on their flavour - am I looking at the wrong place? Is this
problem known and solved?

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x8A39DC66.asc
Type: application/pgp-keys
Size: 3243 bytes
Desc: not available
URL: <http://lists.freeradius.org/mailman/private/freeradius-users/attachments/20140401/e6586da9/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/mailman/private/freeradius-users/attachments/20140401/e6586da9/attachment.pgp>

More information about the Freeradius-Users mailing list