persistent "execve: Permission denied"
Hello,
Something has happend to our linux box (suse) and I can't figure out which ACL is breaking (or if that's the case) If I execute # man man execve: Permission denied" if I strace man man execve("/usr/bin/man", ["man", "man"], [/* 58 vars */]) = 0 uname({sys="Linux", node="central", ...}) = 0 brk(0) = 0x804a000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=86771, ...}) = 0 old_mmap(NULL, 86771, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40018000 close(3) = 0 open("/lib/tls/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0pO\1\000"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1394943, ...}) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4002e000 old_mmap(NULL, 1150108, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4002f000 madvise(0x4002f000, 1150108, MADV_SEQUENTIAL|0x1) = 0 old_mmap(0x40142000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x113000) = 0x40142000 old_mmap(0x40146000, 7324, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40146000 close(3) = 0 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40148000 mprotect(0x40142000, 4096, PROT_READ) = 0 set_thread_area({entry_number:-1 -> 6, base_addr:0x401486c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 munmap(0x40018000, 86771) = 0 brk(0) = 0x804a000 brk(0x806b000) = 0x806b000 open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory) open("/usr/share/locale/locale.alias", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=2528, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000 read(3, "# Locale name alias data base.\n#"..., 4096) = 2528 read(3, "", 4096) = 0 close(3) = 0 munmap(0x40018000, 4096) = 0 open("/usr/lib/locale/en_US.UTF-8/LC_CTYPE", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/lib/locale/en_US.utf8/LC_CTYPE", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=208464, ...}) = 0 mmap2(NULL, 208464, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40149000 close(3) = 0 open("/usr/lib/gconv/gconv-modules.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=21544, ...}) = 0 mmap2(NULL, 21544, PROT_READ, MAP_SHARED, 3, 0) = 0x4017c000 close(3) = 0 getuid32() = 0 geteuid32() = 0 getgid32() = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0 poll([{fd=3, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1 writev(3, [{"\2\0\0\0\v\0\0\0\7\0\0\0", 12}, {"passwd\0", 7}], 2) = 19 poll([{fd=3, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1 recvmsg(3, {msg_name(0)=NULL, msg_iov(1)=[{"passwd\0", 7}], msg_controllen=16, {cmsg_len=16, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, {4}}, msg_flags=0}, 0) = 7 fstat64(4, {st_mode=S_IFREG|0600, st_size=217016, ...}) = 0 pread(4, "\1\0\0\0h\0\0\0\0\0\0\0\1\0\0\0[L\210E\0\0\0\0\323\0\0"..., 104, 0) = 104 mmap2(NULL, 217016, PROT_READ, MAP_SHARED, 4, 0) = 0x40182000 close(4) = 0 close(3) = 0 setregid32(62, 62) = 0 open("/proc/sys/kernel/ngroups_max", O_RDONLY) = 3 read(3, "65536\n", 31) = 6 close(3) = 0 socket(PF_FILE, SOCK_STREAM, 0) = 3 fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR) fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0 connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0 poll([{fd=3, events=POLLOUT|POLLERR|POLLHUP, revents=POLLOUT}], 1, 5000) = 1 writev(3, [{"\2\0\0\0\f\0\0\0\6\0\0\0", 12}, {"group\0", 6}], 2) = 18 poll([{fd=3, events=POLLIN|POLLERR|POLLHUP, revents=POLLIN|POLLHUP}], 1, 5000) = 1 recvmsg(3, {msg_name(0)=NULL, msg_iov(1)=[{"group\0", 6}], msg_controllen=16, {cmsg_len=16, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, {4}}, msg_flags=0}, 0) = 6 fstat64(4, {st_mode=S_IFREG|0600, st_size=217016, ...}) = 0 pread(4, "\1\0\0\0h\0\0\0\2\0\0\0\1\0\0\0[L\210E\0\0\0\0\323\0\0"..., 104, 0) = 104 mmap2(NULL, 217016, PROT_READ, MAP_SHARED, 4, 0) = 0x401b7000 close(4) = 0 close(3) = 0 setgroups32(1, [62]) = 0 setreuid32(13, 13) = 0 execve("/usr/lib/man-db/man", ["man", "man"], [/* 58 vars */]) = -1 EACCES (Permission denied) dup(2) = 3 fcntl64(3, F_GETFL) = 0x8001 (flags O_WRONLY|O_LARGEFILE) close(3) = 0 write(2, "execve: Permission denied\n", 26execve: Permission denied ) = 26 exit_group(-22) = ? if I # cat /boot/config-2.6.11.4-21.14-smp | grep ACL CONFIG_EXT2_FS_POSIX_ACL=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_REISERFS_FS_POSIX_ACL=y CONFIG_JFS_POSIX_ACL=y CONFIG_FS_POSIX_ACL=y CONFIG_XFS_POSIX_ACL=y CONFIG_TMPFS_POSIX_ACL=y CONFIG_NFS_ACL=y CONFIG_NFSD_ACL=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_GENERIC_ACL=y The disk in question /dev/sda6 / reiserfs acl,user_xattr 1 1 I have looked at other answers, but nothing seems to work. Help? Blake |
Yeah, now I have a 2nd server (2.4 kernel) that apache is now no longer allowing any connections (403 errors) even after cleaning, rebuilding apache and rebooting. Similar situation:
a custom http multi-part form processor in apache was running, and then suddenly the system gets in this locked state. Any ideas? |
Sure enough, that 2.4 Kernel (redhat 9) box now also doesn't like to fork. Rebooting doesn't fix the problem, I suspect something has been overwritten, but what system config stuff to look at? What variables would stop the system from forking?
|
Try to boot on a clean machine with the same settings and compare the strace output. Sorry I don't have any clue but that's what I would do.
By the way you you have to do: strace -f to have all information (not sure you use it) and then well, -o /tmp/strace to make post analysis. Good luck |
All times are GMT -5. The time now is 01:05 AM. |