[Dspam-user] DSPAM 3.10.2 segfaults

classic Classic list List threaded Threaded
20 messages Options
Reply | Threaded
Open this post in threaded view
|

[Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
Hi,

On a CentOS 6.5 x86_64 box I'm using DSPAM 3.10.2 and SELinux is in
permissive mode. The problem is that DSPAM segfaults:

Jan 27 22:01:02 vps kernel: dspam[5621]: segfault at 29 ip
00007f3b55a2612c sp 00007f3b539d1c00 error 4 in
libc-2.12.so[7f3b559de000+18b000]

The last few lines of the strace -f shows:

6403  open("/var/lib/dspam/data/example.org/patrick/patrick.blocklist",
O_RDONLY) = -1 ENOENT (No such file or directory)
6403  gettimeofday({1390857119, 467076}, {4294967236,
7092440855327304547}) = 0
6403  mmap(NULL, 200704, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8b2ffb4000
6403  poll([{fd=7, events=POLLIN|POLLPRI}], 1, 0) = 0 (Timeout)
6403  madvise(0x7f8b2415a000, 65536, MADV_DONTNEED) = 0
6403  madvise(0x7f8b2414a000, 65536, MADV_DONTNEED) = 0
6403  write(7, "<\0\0\0\0\0\0008\0\0\0\3SHOW VARIABLES WHERE"..., 67) = 67
6403  read(7,
"\212\0\0\1\252\0\0x\234cd``d\262d``bNIMc\340\fs\f\362tt\362q"...,
16384) = 145
6403  gettimeofday({1390857119, 469600}, NULL) = 0
6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
MSG_NOSIGNAL, NULL, 0) = 119
6403  close(25)                         = 0
6403  --- SIGSEGV (Segmentation fault) @ 0 (0) ---
6372  +++ killed by SIGSEGV +++


Anyone have any tips how to figure out what's causing this?

Thanks,
Patrick

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

ktm@rice.edu
On Mon, Jan 27, 2014 at 10:35:43PM +0100, Patrick Laimbock wrote:

> Hi,
>
> On a CentOS 6.5 x86_64 box I'm using DSPAM 3.10.2 and SELinux is in
> permissive mode. The problem is that DSPAM segfaults:
>
> Jan 27 22:01:02 vps kernel: dspam[5621]: segfault at 29 ip
> 00007f3b55a2612c sp 00007f3b539d1c00 error 4 in
> libc-2.12.so[7f3b559de000+18b000]
>
> The last few lines of the strace -f shows:
>
> 6403  open("/var/lib/dspam/data/example.org/patrick/patrick.blocklist",
> O_RDONLY) = -1 ENOENT (No such file or directory)
> 6403  gettimeofday({1390857119, 467076}, {4294967236,
> 7092440855327304547}) = 0
> 6403  mmap(NULL, 200704, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8b2ffb4000
> 6403  poll([{fd=7, events=POLLIN|POLLPRI}], 1, 0) = 0 (Timeout)
> 6403  madvise(0x7f8b2415a000, 65536, MADV_DONTNEED) = 0
> 6403  madvise(0x7f8b2414a000, 65536, MADV_DONTNEED) = 0
> 6403  write(7, "<\0\0\0\0\0\0008\0\0\0\3SHOW VARIABLES WHERE"..., 67) = 67
> 6403  read(7,
> "\212\0\0\1\252\0\0x\234cd``d\262d``bNIMc\340\fs\f\362tt\362q"...,
> 16384) = 145
> 6403  gettimeofday({1390857119, 469600}, NULL) = 0
> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
> MSG_NOSIGNAL, NULL, 0) = 119
> 6403  close(25)                         = 0
> 6403  --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> 6372  +++ killed by SIGSEGV +++
>
>
> Anyone have any tips how to figure out what's causing this?
>
> Thanks,
> Patrick
>
Hi Patrick,

I may be misremembering, but I think this has happened in the past
when there was a DB backend software mismatch. You need to use the version
it was built against or build your own executable.

Regards,
Ken

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Nathanael D. Noblet
In reply to this post by Patrick Laimbock
On Mon, 2014-01-27 at 22:35 +0100, Patrick Laimbock wrote:
> Hi,
>
> On a CentOS 6.5 x86_64 box I'm using DSPAM 3.10.2 and SELinux is in
> permissive mode. The problem is that DSPAM segfaults:
>

Are you using the epel provided centos rpms?



------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
On 27-01-14 23:05, Nathanael D. Noblet wrote:
> On Mon, 2014-01-27 at 22:35 +0100, Patrick Laimbock wrote:
>> Hi,
>>
>> On a CentOS 6.5 x86_64 box I'm using DSPAM 3.10.2 and SELinux is in
>> permissive mode. The problem is that DSPAM segfaults:
>>
>
> Are you using the epel provided centos rpms?

Nope, I generated my own packages. Here's the configure snippet in the
spec file:

export CFLAGS="%{optflags}"
export LDFLAGS="-L/usr/local/lib64"
export CPPFLAGS="-I/usr/local/include"
%configure \
        --enable-long-usernames \
        --enable-syslog \
        --disable-large-scale \
        --enable-clamav \
        --enable-domain-scale \
        --disable-homedir \
        --enable-virtual-users \
        --enable-preferences-extension \
        --with-mysql-includes='%{_includedir}/mysql' \
        --with-mysql-libraries='%{_libdir}/mysql' \
        --with-pgsql-includes='%{_includedir}/pgsql' \
        --with-pgsql-libraries='%{_libdir}' \
        --enable-daemon \
        --enable-external-lookup \
        --with-storage-driver='hash_drv,mysql_drv,pgsql_drv,sqlite3_drv' \
        --with-dspam-home='%{dspam_homedir}' \
        --with-dspam-owner='%{dspam_user}' \
        --with-dspam-group='%{mail_group}' \
        --with-dspam-home-group='%{mail_group}' \
        --with-dspam-mode='%{dspam_mode}' \
        --with-logdir='%{dspam_logdir}' \
        --with-logfile='%{dspam_logdir}'/dspam.log \
        --enable-split-configuration \
        --sysconfdir='%{dspam_confdir}' \
        --enable-debug --enable-verbose-debug

# remove rpath - from the Fedora Packaging Guidelines
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g'
libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool

make %{?_smp_mflags} OPTIMIZE="%{optflags} -fPIC -DPIC"


The build/optflags are:

-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic

Regards,
Patrick

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
In reply to this post by ktm@rice.edu
On 27-01-14 23:03, [hidden email] wrote:
> Hi Patrick,
>
> I may be misremembering, but I think this has happened in the past
> when there was a DB backend software mismatch. You need to use the version
> it was built against or build your own executable.

Hi Ken,

Thank you for your feedback. The RPM package is built with mock on a
CentOS 6.5 x86_64 host. I use MySQL and OpenLDAP so I guess that's
relevant for comparison:

# buildhost

$ rpm -qa | egrep 'mysql|openldap'
mysql-devel-5.1.71-1.el6.x86_64
mysql-libs-5.1.71-1.el6.x86_64
openldap-2.4-2.4.39-0.2.beta.20140117.git5e88fcf.x86_64
openldap-2.4-devel-2.4.39-0.2.beta.20140117.git5e88fcf.x86_64

# mailserver

$ rpm -qa | egrep 'mysql|openldap'
mysql-libs-5.1.71-1.el6.x86_64
mysql-server-5.1.71-1.el6.x86_64
openldap-2.4-2.4.39-0.2.beta.20140117.git5e88fcf.x86_64
openldap-2.4-servers-2.4.39-0.2.beta.20140117.git5e88fcf.x86_64

Afaict those are the same versions. The MySQL packages are stock CentOS.
The OpenLDAP package is the latest stable 2.4 tree.

Regards,
Patrick


------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Nathanael D. Noblet
In reply to this post by Patrick Laimbock
On Mon, 2014-01-27 at 23:25 +0100, Patrick Laimbock wrote:
> On 27-01-14 23:05, Nathanael D. Noblet wrote:
> > Are you using the epel provided centos rpms?
>
> Nope, I generated my own packages. Here's the configure snippet in the
> spec file:

Is there a reason you are doing that?


------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
On 28-01-14 00:01, Nathanael D. Noblet wrote:
> On Mon, 2014-01-27 at 23:25 +0100, Patrick Laimbock wrote:
>> On 27-01-14 23:05, Nathanael D. Noblet wrote:
>>> Are you using the epel provided centos rpms?
>>
>> Nope, I generated my own packages. Here's the configure snippet in the
>> spec file:
>
> Is there a reason you are doing that?

Hi Nathanael,

It's an old habbit from the pre-EPEL days. A lot of stuff on EL6 is
pretty ancient so if I need something newer or something I want to use I
package it and stick it in a local repo. In the DSPAM package I included
several iterations of SELinux policies that the SELinux guys asked me to
test when they were creating the DSPAM policy.

Regards,
Patrick

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Wicher Minnaard
In reply to this post by Patrick Laimbock
On Mon, Jan 27, 2014 at 10:35 PM, Patrick Laimbock <[hidden email]> wrote:

> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
> MSG_NOSIGNAL, NULL, 0) = 119
> 6403  close(25)                         = 0

I'm curious — what did it write to the system log just before segfaulting?

Regards, Wicher

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
On 28-01-14 07:38, Wicher wrote:
> On Mon, Jan 27, 2014 at 10:35 PM, Patrick Laimbock <[hidden email]> wrote:
>
>> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
>> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
>> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
>> MSG_NOSIGNAL, NULL, 0) = 119
>> 6403  close(25)                         = 0
>
> I'm curious — what did it write to the system log just before segfaulting?

Hi Wicher,

I couldn't find anything:

Jan 27 22:01:02 vps kernel: dspam[5621]: segfault at 29 ip
00007f3b55a2612c sp 00007f3b539d1c00 error 4 in
libc-2.12.so[7f3b559de000+18b000]
Jan 28 03:05:53 vps yum[18797]: Updated: ...

The following AVCs were reported in /var/log/audit/audit.log on Jan 27
(please note that SELinux was in permissive mode):

type=AVC msg=audit(1390709045.662:44574): avc:  denied  { open } for
pid=26277 comm="dspam" name="meminfo" dev=proc ino=4026532034
scontext=system_u:system_r:dspam_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1390709045.663:44575): avc:  denied  { getattr } for
  pid=26277 comm="dspam" path="/proc/meminfo" dev=proc ino=4026532034
scontext=system_u:system_r:dspam_t:s0
tcontext=system_u:object_r:proc_t:s0 tclass=file
type=AVC msg=audit(1390753004.293:46186): avc:  denied  { read write }
for  pid=22849 comm="dspam" path="[eventpoll]" dev=anon_inodefs ino=3786
scontext=system_u:system_r:dspam_t:s0
tcontext=system_u:object_r:anon_inodefs_t:s0 tclass=file

Regards,
Patrick

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Stevan Bajić
Hello Patrick,

and what happens if you turn off SELinux? Does it still crashes then?

--
Kind Regards from Switzerland,

Stevan Bajić


Am 2014-01-28 09:13, schrieb Patrick Laimbock:

> On 28-01-14 07:38, Wicher wrote:
>> On Mon, Jan 27, 2014 at 10:35 PM, Patrick Laimbock
>> <[hidden email]> wrote:
>>
>>> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
>>> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
>>> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
>>> MSG_NOSIGNAL, NULL, 0) = 119
>>> 6403  close(25)                         = 0
>>
>> I'm curious — what did it write to the system log just before
>> segfaulting?
>
> Hi Wicher,
>
> I couldn't find anything:
>
> Jan 27 22:01:02 vps kernel: dspam[5621]: segfault at 29 ip
> 00007f3b55a2612c sp 00007f3b539d1c00 error 4 in
> libc-2.12.so[7f3b559de000+18b000]
> Jan 28 03:05:53 vps yum[18797]: Updated: ...
>
> The following AVCs were reported in /var/log/audit/audit.log on Jan 27
> (please note that SELinux was in permissive mode):
>
> type=AVC msg=audit(1390709045.662:44574): avc:  denied  { open } for
> pid=26277 comm="dspam" name="meminfo" dev=proc ino=4026532034
> scontext=system_u:system_r:dspam_t:s0
> tcontext=system_u:object_r:proc_t:s0 tclass=file
> type=AVC msg=audit(1390709045.663:44575): avc:  denied  { getattr } for
>   pid=26277 comm="dspam" path="/proc/meminfo" dev=proc ino=4026532034
> scontext=system_u:system_r:dspam_t:s0
> tcontext=system_u:object_r:proc_t:s0 tclass=file
> type=AVC msg=audit(1390753004.293:46186): avc:  denied  { read write }
> for  pid=22849 comm="dspam" path="[eventpoll]" dev=anon_inodefs
> ino=3786
> scontext=system_u:system_r:dspam_t:s0
> tcontext=system_u:object_r:anon_inodefs_t:s0 tclass=file
>
> Regards,
> Patrick
>
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends.  Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
> _______________________________________________
> Dspam-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/dspam-user


------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
On 28-01-14 10:23, Stevan Bajić wrote:
> Hello Patrick,
>
> and what happens if you turn off SELinux? Does it still crashes then?

Hi Stevan,

Yes, SELinux was not off but in permissive mode where it does not
interfere/block but only logs AVCs.

Regards,
Patrick

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Stevan Bajić
Hello Patrick,

okay. So it segfaults right after it closes the log:

6403  gettimeofday({1390857119, 469600}, NULL) = 0
6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
MSG_NOSIGNAL, NULL, 0) = 119
6403  close(25)                         = 0
6403  --- SIGSEGV (Segmentation fault) @ 0 (0) ---
6372  +++ killed by SIGSEGV +++


What actions have you don't to trigger that segfault?
Could you compile DSPAM with debug symbols and try the action again and
post the backtrace here?


--
Kind Regards from Switzerland,

Stevan Bajić


Am 2014-01-28 12:01, schrieb Patrick Laimbock:

> On 28-01-14 10:23, Stevan Bajić wrote:
>> Hello Patrick,
>>
>> and what happens if you turn off SELinux? Does it still crashes then?
>
> Hi Stevan,
>
> Yes, SELinux was not off but in permissive mode where it does not
> interfere/block but only logs AVCs.
>
> Regards,
> Patrick
>
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends.  Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
> _______________________________________________
> Dspam-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/dspam-user



------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
On 28-01-14 12:23, Stevan Bajić wrote:

> Hello Patrick,
>
> okay. So it segfaults right after it closes the log:
>
> 6403  gettimeofday({1390857119, 469600}, NULL) = 0
> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
> MSG_NOSIGNAL, NULL, 0) = 119
> 6403  close(25)                         = 0
> 6403  --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> 6372  +++ killed by SIGSEGV +++
>
>
> What actions have you don't to trigger that segfault?

Just send an email which is received by postfix which sends it to DSPAM.

> Could you compile DSPAM with debug symbols and try the action again and
> post the backtrace here?

The info above was from DSPAM built with -g and with the DSPAM-debug
package installed.

In the Zimbra build scripts for DSPAM I noticed that it specifically
uses CFLAGS="-g -O2" so I rebuild the RPM with those flags instead of
the RPM optflags macro [0] and with debug enabled. This has been running
fine for a few hours now. No segfaults. Maybe those optflags are
wreaking havoc.

Regards,
Patrick

[0] optflags: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
-fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic




------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Stevan Bajić
Am 2014-01-28 12:41, schrieb Patrick Laimbock:

> On 28-01-14 12:23, Stevan Bajić wrote:
>> Hello Patrick,
>>
>> okay. So it segfaults right after it closes the log:
>>
>> 6403  gettimeofday({1390857119, 469600}, NULL) = 0
>> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
>> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
>> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
>> MSG_NOSIGNAL, NULL, 0) = 119
>> 6403  close(25)                         = 0
>> 6403  --- SIGSEGV (Segmentation fault) @ 0 (0) ---
>> 6372  +++ killed by SIGSEGV +++
>>
>>
>> What actions have you don't to trigger that segfault?
>
> Just send an email which is received by postfix which sends it to
> DSPAM.
>
Daemon mode or did you call the dspam binary directly?



>> Could you compile DSPAM with debug symbols and try the action again
>> and
>> post the backtrace here?
>
> The info above was from DSPAM built with -g and with the DSPAM-debug
> package installed.
>
This is not enough. You should at least enable the following switches as
well:
--enable-debug
--enable-verbose-debug

If you like then you can add --enable-bnr-debug as well but I think for
your problem it is not needed.



> In the Zimbra build scripts for DSPAM I noticed that it specifically
> uses CFLAGS="-g -O2" so I rebuild the RPM with those flags instead of
> the RPM optflags macro [0] and with debug enabled. This has been
> running
> fine for a few hours now. No segfaults. Maybe those optflags are
> wreaking havoc.
>
My current flags on the filter system are:
nyx ~ # dspam --version

DSPAM Anti-Spam Suite GIT (agent/library)

Copyright (C) 2002-2012 DSPAM Project
http://dspam.sourceforge.net.

DSPAM may be copied only under the terms of the GNU Affero General
Public
License, a copy of which can be found with the DSPAM distribution kit.

Configuration parameters:  '--prefix=/usr' '--build=i686-pc-linux-gnu'
'--host=i686-pc-linux-gnu' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc'
'--localstatedir=/var/lib' '--with-storage-driver=hash_drv,mysql_drv'
'--with-dspam-home=/var/spool/dspam' '--sysconfdir=/etc/mail/dspam'
'--enable-daemon' '--disable-external-lookup' '--enable-clamav'
'--enable-large-scale' '--disable-domain-scale' '--enable-syslog'
'--disable-debug' '--disable-bnr-debug' '--disable-verbose-debug'
'--enable-split-configuration' '--enable-long-usernames'
'--with-dspam-group=dspam' '--with-dspam-home-group=dspam'
'--with-dspam-mode=2511' '--with-logdir=/var/log/dspam'
'--with-mysql-includes=/usr/include/mysql'
'--with-mysql-libraries=/usr/lib/mysql' '--enable-virtual-users'
'--enable-preferences-extension' '--disable-homedir'
'build_alias=i686-pc-linux-gnu' 'host_alias=i686-pc-linux-gnu'
'CC=i686-pc-linux-gnu-gcc' 'CFLAGS=-march=native -O2 -pipe -fweb
-frename-registers -ftree-loop-optimize -ftree-vectorize
-ftree-vectorizer-verbose=1 -floop-interchange -floop-strip-mine
-floop-block -freorder-blocks-and-partition -fgcse-sm -fgcse-las
-maccumulate-outgoing-args -funswitch-loops -ftracer
-fprefetch-loop-arrays -fno-ident -fno-strict-overflow -mfpmath=sse
-mmmx -msse -msse2' 'LDFLAGS=-Wl,-O1 -Wl,--as-needed -Wl,-O1
-Wl,--add-needed -Wl,--as-needed -Wl,--hash-style=both
-Wl,--sort-common'

nyx ~ #


> Regards,
> Patrick
>
> [0] optflags: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
> -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic
>
>
Hmm.... I am not the super dupper GCC specialist but fexceptions are not
really needed in the case of DSPAM since it is mostly written in C and
not in C++ ->
http://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html#index-fexceptions-2562

If memory serves me right then fstack-protector, ssp-buffer-size and
-D_FORTIFY_SOURCE are GCC hardened options. Right? If you need them then
try using -D_FORTIFY_SOURCE with 1 instead of 2.

What GCC version are you using?



>
>
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends.  Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
> _______________________________________________
> Dspam-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/dspam-user

--
Kind Regards from Switzerland,

Stevan Bajić

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
On 28-01-14 13:40, Stevan Bajić wrote:

> Am 2014-01-28 12:41, schrieb Patrick Laimbock:
>> On 28-01-14 12:23, Stevan Bajić wrote:
>>> Hello Patrick,
>>>
>>> okay. So it segfaults right after it closes the log:
>>>
>>> 6403  gettimeofday({1390857119, 469600}, NULL) = 0
>>> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
>>> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
>>> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
>>> MSG_NOSIGNAL, NULL, 0) = 119
>>> 6403  close(25)                         = 0
>>> 6403  --- SIGSEGV (Segmentation fault) @ 0 (0) ---
>>> 6372  +++ killed by SIGSEGV +++
>>>
>>>
>>> What actions have you don't to trigger that segfault?
>>
>> Just send an email which is received by postfix which sends it to
>> DSPAM.
>>
> Daemon mode or did you call the dspam binary directly?

Daemon mode.

>>> Could you compile DSPAM with debug symbols and try the action again
>>> and
>>> post the backtrace here?
>>
>> The info above was from DSPAM built with -g and with the DSPAM-debug
>> package installed.
>>
> This is not enough. You should at least enable the following switches as
> well:
> --enable-debug
> --enable-verbose-debug

Sorry if that wasn't clear. Those switches were enabled during the
build. And the strace info above was taken DSPAM configure with those
switches enabled.

> If you like then you can add --enable-bnr-debug as well but I think for
> your problem it is not needed.

This switch was not enabled.

>> In the Zimbra build scripts for DSPAM I noticed that it specifically
>> uses CFLAGS="-g -O2" so I rebuild the RPM with those flags instead of
>> the RPM optflags macro [0] and with debug enabled. This has been
>> running
>> fine for a few hours now. No segfaults. Maybe those optflags are
>> wreaking havoc.
>>
> My current flags on the filter system are:
> nyx ~ # dspam --version
>
> DSPAM Anti-Spam Suite GIT (agent/library)
>
> Copyright (C) 2002-2012 DSPAM Project
> http://dspam.sourceforge.net.
>
> DSPAM may be copied only under the terms of the GNU Affero General
> Public
> License, a copy of which can be found with the DSPAM distribution kit.
>
> Configuration parameters:  '--prefix=/usr' '--build=i686-pc-linux-gnu'
> '--host=i686-pc-linux-gnu' '--mandir=/usr/share/man'
> '--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc'
> '--localstatedir=/var/lib' '--with-storage-driver=hash_drv,mysql_drv'
> '--with-dspam-home=/var/spool/dspam' '--sysconfdir=/etc/mail/dspam'
> '--enable-daemon' '--disable-external-lookup' '--enable-clamav'
> '--enable-large-scale' '--disable-domain-scale' '--enable-syslog'
> '--disable-debug' '--disable-bnr-debug' '--disable-verbose-debug'
> '--enable-split-configuration' '--enable-long-usernames'
> '--with-dspam-group=dspam' '--with-dspam-home-group=dspam'
> '--with-dspam-mode=2511' '--with-logdir=/var/log/dspam'
> '--with-mysql-includes=/usr/include/mysql'
> '--with-mysql-libraries=/usr/lib/mysql' '--enable-virtual-users'
> '--enable-preferences-extension' '--disable-homedir'
> 'build_alias=i686-pc-linux-gnu' 'host_alias=i686-pc-linux-gnu'
> 'CC=i686-pc-linux-gnu-gcc' 'CFLAGS=-march=native -O2 -pipe -fweb
> -frename-registers -ftree-loop-optimize -ftree-vectorize
> -ftree-vectorizer-verbose=1 -floop-interchange -floop-strip-mine
> -floop-block -freorder-blocks-and-partition -fgcse-sm -fgcse-las
> -maccumulate-outgoing-args -funswitch-loops -ftracer
> -fprefetch-loop-arrays -fno-ident -fno-strict-overflow -mfpmath=sse
> -mmmx -msse -msse2' 'LDFLAGS=-Wl,-O1 -Wl,--as-needed -Wl,-O1
> -Wl,--add-needed -Wl,--as-needed -Wl,--hash-style=both
> -Wl,--sort-common'

Those are certainly quite different from the ones I used (optflags and
just -g -O2).

>> [0] optflags: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
>> -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic

> Hmm.... I am not the super dupper GCC specialist but fexceptions are not
> really needed in the case of DSPAM since it is mostly written in C and
> not in C++ ->
> http://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html#index-fexceptions-2562

Neither am I. Those flags are what Red Hat/CentOS use by default to
build packages. With their brainpower I would guess that they gave them
some thought and figured out those flags were the right ones to use :)

> If memory serves me right then fstack-protector, ssp-buffer-size and
> -D_FORTIFY_SOURCE are GCC hardened options. Right? If you need them then
> try using -D_FORTIFY_SOURCE with 1 instead of 2.
>
> What GCC version are you using?

gcc version 4.4.7 20120313 (Red Hat 4.4.7-4) (GCC)
It's the one that ships with CentOS 6.5.

FWIW DSPAM has not crashed and is still humming along fine processing a
few hundred emails since I used the -g -O2 flags.

Regards,
Patrick

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Stevan Bajić
Am 2014-01-28 15:31, schrieb Patrick Laimbock:

> On 28-01-14 13:40, Stevan Bajić wrote:
>> Am 2014-01-28 12:41, schrieb Patrick Laimbock:
>>> On 28-01-14 12:23, Stevan Bajić wrote:
>>>> Hello Patrick,
>>>>
>>>> okay. So it segfaults right after it closes the log:
>>>>
>>>> 6403  gettimeofday({1390857119, 469600}, NULL) = 0
>>>> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
>>>> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
>>>> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
>>>> MSG_NOSIGNAL, NULL, 0) = 119
>>>> 6403  close(25)                         = 0
>>>> 6403  --- SIGSEGV (Segmentation fault) @ 0 (0) ---
>>>> 6372  +++ killed by SIGSEGV +++
>>>>
>>>>
>>>> What actions have you don't to trigger that segfault?
>>>
>>> Just send an email which is received by postfix which sends it to
>>> DSPAM.
>>>
>> Daemon mode or did you call the dspam binary directly?
>
> Daemon mode.
>
>>>> Could you compile DSPAM with debug symbols and try the action again
>>>> and
>>>> post the backtrace here?
>>>
>>> The info above was from DSPAM built with -g and with the DSPAM-debug
>>> package installed.
>>>
>> This is not enough. You should at least enable the following switches
>> as
>> well:
>> --enable-debug
>> --enable-verbose-debug
>
> Sorry if that wasn't clear. Those switches were enabled during the
> build. And the strace info above was taken DSPAM configure with those
> switches enabled.
>
>> If you like then you can add --enable-bnr-debug as well but I think
>> for
>> your problem it is not needed.
>
> This switch was not enabled.
>
>>> In the Zimbra build scripts for DSPAM I noticed that it specifically
>>> uses CFLAGS="-g -O2" so I rebuild the RPM with those flags instead of
>>> the RPM optflags macro [0] and with debug enabled. This has been
>>> running
>>> fine for a few hours now. No segfaults. Maybe those optflags are
>>> wreaking havoc.
>>>
>> My current flags on the filter system are:
>> nyx ~ # dspam --version
>>
>> DSPAM Anti-Spam Suite GIT (agent/library)
>>
>> Copyright (C) 2002-2012 DSPAM Project
>> http://dspam.sourceforge.net.
>>
>> DSPAM may be copied only under the terms of the GNU Affero General
>> Public
>> License, a copy of which can be found with the DSPAM distribution kit.
>>
>> Configuration parameters:  '--prefix=/usr' '--build=i686-pc-linux-gnu'
>> '--host=i686-pc-linux-gnu' '--mandir=/usr/share/man'
>> '--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc'
>> '--localstatedir=/var/lib' '--with-storage-driver=hash_drv,mysql_drv'
>> '--with-dspam-home=/var/spool/dspam' '--sysconfdir=/etc/mail/dspam'
>> '--enable-daemon' '--disable-external-lookup' '--enable-clamav'
>> '--enable-large-scale' '--disable-domain-scale' '--enable-syslog'
>> '--disable-debug' '--disable-bnr-debug' '--disable-verbose-debug'
>> '--enable-split-configuration' '--enable-long-usernames'
>> '--with-dspam-group=dspam' '--with-dspam-home-group=dspam'
>> '--with-dspam-mode=2511' '--with-logdir=/var/log/dspam'
>> '--with-mysql-includes=/usr/include/mysql'
>> '--with-mysql-libraries=/usr/lib/mysql' '--enable-virtual-users'
>> '--enable-preferences-extension' '--disable-homedir'
>> 'build_alias=i686-pc-linux-gnu' 'host_alias=i686-pc-linux-gnu'
>> 'CC=i686-pc-linux-gnu-gcc' 'CFLAGS=-march=native -O2 -pipe -fweb
>> -frename-registers -ftree-loop-optimize -ftree-vectorize
>> -ftree-vectorizer-verbose=1 -floop-interchange -floop-strip-mine
>> -floop-block -freorder-blocks-and-partition -fgcse-sm -fgcse-las
>> -maccumulate-outgoing-args -funswitch-loops -ftracer
>> -fprefetch-loop-arrays -fno-ident -fno-strict-overflow -mfpmath=sse
>> -mmmx -msse -msse2' 'LDFLAGS=-Wl,-O1 -Wl,--as-needed -Wl,-O1
>> -Wl,--add-needed -Wl,--as-needed -Wl,--hash-style=both
>> -Wl,--sort-common'
>
> Those are certainly quite different from the ones I used (optflags and
> just -g -O2).
>
>>> [0] optflags: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions
>>> -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic
>
>> Hmm.... I am not the super dupper GCC specialist but fexceptions are
>> not
>> really needed in the case of DSPAM since it is mostly written in C and
>> not in C++ ->
>> http://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html#index-fexceptions-2562
>
> Neither am I. Those flags are what Red Hat/CentOS use by default to
> build packages. With their brainpower I would guess that they gave them
> some thought and figured out those flags were the right ones to use :)
>
>> If memory serves me right then fstack-protector, ssp-buffer-size and
>> -D_FORTIFY_SOURCE are GCC hardened options. Right? If you need them
>> then
>> try using -D_FORTIFY_SOURCE with 1 instead of 2.
>>
>> What GCC version are you using?
>
> gcc version 4.4.7 20120313 (Red Hat 4.4.7-4) (GCC)
> It's the one that ships with CentOS 6.5.
>
> FWIW DSPAM has not crashed and is still humming along fine processing a
> few hundred emails since I used the -g -O2 flags.
>
So you basically removed:
-pipe
-Wall
-Wp,-D_FORTIFY_SOURCE=2
-fexceptions
-fstack-protector
--param=ssp-buffer-size=4
-m64
-mtune=generic


I think you can easily add those switches back since they are rather
safe to use:
-pipe
-Wall
-mtune=generic


I don't know why would would need to add -m64? Usually you add that if
you have a 32bit system and you want to produce 64bit code. The other
switches are for hardened GCC and I don't see you using it.



> Regards,
> Patrick
>
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends.  Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
> _______________________________________________
> Dspam-user mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/dspam-user

--
Kind Regards from Switzerland,

Stevan Bajić

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Wicher Minnaard
In reply to this post by Patrick Laimbock
On Tue, Jan 28, 2014 at 9:13 AM, Patrick Laimbock <[hidden email]> wrote:

> On 28-01-14 07:38, Wicher wrote:
>>
>> On Mon, Jan 27, 2014 at 10:35 PM, Patrick Laimbock <[hidden email]>
>> wrote:
>>
>>> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
>>> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
>>> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
>>> MSG_NOSIGNAL, NULL, 0) = 119
>>> 6403  close(25)                         = 0
>>
>>
>> I'm curious — what did it write to the system log just before segfaulting?
>
>
> Hi Wicher,
>
> I couldn't find anything:
>

Well that's exceedingly odd as dspam even manages to close the file
descriptor after sending the message to your system logger...
(/dev/log is the socket that your logger is listening on.).

Dspam didn't crash *during* the sending, so then where did the message
go? Could you check your syslog configuration?

Regards, Wicher

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Matěj Cepl
In reply to this post by Patrick Laimbock
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2014-01-27, 23:19 GMT, you wrote:
> It's an old habbit from the pre-EPEL days. A lot of stuff on
> EL6 is pretty ancient so if I need something newer or
> something I want to use I package it and stick it in a local
> repo. In the DSPAM package I included several iterations of
> SELinux policies that the SELinux guys asked me to test when
> they were creating the DSPAM policy.

I would say that it is a bad habit. We spent a lot of time to
make dspam working with SELinux in the enforcing mode, all those
patches are in EPEL packages, and yes we have 3.10.2 in
EPEL-6.

I am switching from dspam to bogofilter myself, because dspam
seems to be just an overkill for my server (and yes, I haven't
been able to configure it properly it seems, so I don’t have
working web UI myself), but if you do use dspam, it would be
really nice if you helped to maintain EPEL packages. We have too
few bugs filed
(https://bugzilla.redhat.com/buglist.cgi?quicksearch=component%3Adspam)
and too little help with their fixing.

Thank you,

Matěj

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iD8DBQFS7qqA4J/vJdlkhKwRAmsNAJ0VfGn19jlt9xUagyqboKYCQUKNegCeOd9T
HGUyK1KC6wPV0gx1XeTs0jc=
=8eSE
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
In reply to this post by Wicher Minnaard
On 01/28/2014 10:21 PM, Wicher wrote:

> On Tue, Jan 28, 2014 at 9:13 AM, Patrick Laimbock <[hidden email]> wrote:
>> On 28-01-14 07:38, Wicher wrote:
>>>
>>> On Mon, Jan 27, 2014 at 10:35 PM, Patrick Laimbock <[hidden email]>
>>> wrote:
>>>
>>>> 6403  socket(PF_FILE, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 25
>>>> 6403  connect(25, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
>>>> 6403  sendto(25, "<20>Jan 27 22:11:59 dspam[6372]:"..., 119,
>>>> MSG_NOSIGNAL, NULL, 0) = 119
>>>> 6403  close(25)                         = 0
>>>
>>>
>>> I'm curious — what did it write to the system log just before segfaulting?
>>
>>
>> Hi Wicher,
>>
>> I couldn't find anything:
>>
>
> Well that's exceedingly odd as dspam even manages to close the file
> descriptor after sending the message to your system logger...
> (/dev/log is the socket that your logger is listening on.).
>
> Dspam didn't crash *during* the sending, so then where did the message
> go? Could you check your syslog configuration?

After the crash the message is stored in the Postfix queue so Postfix
was not able to hand off the message to dspam hence queueing it.
In syslog I only recall the message about the segfault.

Regards,
Patrick

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user
Reply | Threaded
Open this post in threaded view
|

Re: [Dspam-user] DSPAM 3.10.2 segfaults

Patrick Laimbock
In reply to this post by Matěj Cepl
Hi Matěj,

On 02/02/2014 09:28 PM, Matěj Cepl wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 2014-01-27, 23:19 GMT, you wrote:
>> It's an old habbit from the pre-EPEL days. A lot of stuff on
>> EL6 is pretty ancient so if I need something newer or
>> something I want to use I package it and stick it in a local
>> repo. In the DSPAM package I included several iterations of
>> SELinux policies that the SELinux guys asked me to test when
>> they were creating the DSPAM policy.
>
> I would say that it is a bad habit. We spent a lot of time to
> make dspam working with SELinux in the enforcing mode, all those
> patches are in EPEL packages, and yes we have 3.10.2 in
> EPEL-6.

Yes I'm aware of that. I filed DSPAM <-> Postfix SELinux AVC bug(s) and
I tested the new policies and different labels as requested in the BZ
until it started working. I did the same for OpenDKIM. The DSPAM package
I use off course does not have SELinux policies included. That would
indeed be a bad habbit :-)

> I am switching from dspam to bogofilter myself, because dspam
> seems to be just an overkill for my server (and yes, I haven't
> been able to configure it properly it seems, so I don’t have
> working web UI myself), but if you do use dspam, it would be
> really nice if you helped to maintain EPEL packages. We have too
> few bugs filed
> (https://bugzilla.redhat.com/buglist.cgi?quicksearch=component%3Adspam)
> and too little help with their fixing.

Understand. I'm in the process of becoming a packager. Until that goes
through I can only file bugs and test (probably not fix because I'm not
a developer).

Regards,
Patrick

------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends.  Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Dspam-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/dspam-user