Log analysis program running under apache reboots server!
Greetings all.. I have been trying to test an apache log analizing program called Nettracker (.sane.com) the program seems nice except for the fact that it keeps rebooting/crashing the server. This would just be labeled crappy software except for the fact that I am running the software as user apache and have setup process limits in login.conf and it is still able to reboot the server. This seems like a real problem and security issue as I have setup limits in /etc/login.conf (see below) and the program is being run via CGI as user apache, yet it is still capable of rebooting the system. Seems like a nice hack to me. If anyone could check over my login.conf settings below and make sure they are correct/ truly usefull, I would really appreciate it! Also any information on how this program could so easily reboot the server would be nice too. Thanks!! Nicole System is 4.1-STABLE and has 256 Megs of memory and 4X that of swap. apacheuser:\ :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ :cputime=4h:\ :datasize=64M:\ :stacksize=4M:\ :filesize=infinity:\ :memoryuse=64M:\ :priority=0:\ :datasize-cur=32M:\ :stacksize-cur=32M:\ :coredumpsize-cur=0:\ :maxmemorysize-cur=64M:\ :memorylocked=32M:\ :maxproc=128:\ :openfiles=256:\ :tc=standard: ## standard - standard user defaults ## standard:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ :path=~/bin /bin /usr/bin /usr/local/bin:\ :manpath=/usr/share/man /usr/local/man:\ :nologin=/var/run/nologin:\ :cputime=1h30m:\ :datasize=8M:\ :stacksize=2M:\ :memorylocked=4M:\ :memoryuse=8M:\ :filesize=8M:\ :coredumpsize=8M:\ :openfiles=24:\ :maxproc=32:\ :priority=0:\ :requirehome:\ :passwordtime=90d:\ :umask=002:\ :ignoretime@:\ :tc=default: default:\ :cputime=infinity:\ :datasize-cur=22M:\ :stacksize-cur=8M:\ :memorylocked-cur=10M:\ :memoryuse-cur=30M:\ :filesize=infinity:\ :coredumpsize=infinity:\ :maxproc-cur=64:\ :openfiles-cur=64:\ :priority=0:\ :requirehome@:\ :umask=022:\ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Log analysis program running under apache reboots server!
Nicole, Is it a panic, or does it just silently reboot? If it's a panic, what is the panic message, or any other message on the console when the system crashes? Also, can you get a crash dump? (see the dumpon(8) man page) -brian On Mon, Nov 13, 2000 at 10:58:39AM -0800, Nicole Harrington wrote: Greetings all.. I have been trying to test an apache log analizing program called Nettracker (.sane.com) the program seems nice except for the fact that it keeps rebooting/crashing the server. This would just be labeled crappy software except for the fact that I am running the software as user apache and have setup process limits in login.conf and it is still able to reboot the server. This seems like a real problem and security issue as I have setup limits in /etc/login.conf (see below) and the program is being run via CGI as user apache, yet it is still capable of rebooting the system. Seems like a nice hack to me. If anyone could check over my login.conf settings below and make sure they are correct/ truly usefull, I would really appreciate it! Also any information on how this program could so easily reboot the server would be nice too. Thanks!! Nicole System is 4.1-STABLE and has 256 Megs of memory and 4X that of swap. apacheuser:\ :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ :cputime=4h:\ :datasize=64M:\ :stacksize=4M:\ :filesize=infinity:\ :memoryuse=64M:\ :priority=0:\ :datasize-cur=32M:\ :stacksize-cur=32M:\ :coredumpsize-cur=0:\ :maxmemorysize-cur=64M:\ :memorylocked=32M:\ :maxproc=128:\ :openfiles=256:\ :tc=standard: ## standard - standard user defaults ## standard:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ :path=~/bin /bin /usr/bin /usr/local/bin:\ :manpath=/usr/share/man /usr/local/man:\ :nologin=/var/run/nologin:\ :cputime=1h30m:\ :datasize=8M:\ :stacksize=2M:\ :memorylocked=4M:\ :memoryuse=8M:\ :filesize=8M:\ :coredumpsize=8M:\ :openfiles=24:\ :maxproc=32:\ :priority=0:\ :requirehome:\ :passwordtime=90d:\ :umask=002:\ :ignoretime@:\ :tc=default: default:\ :cputime=infinity:\ :datasize-cur=22M:\ :stacksize-cur=8M:\ :memorylocked-cur=10M:\ :memoryuse-cur=30M:\ :filesize=infinity:\ :coredumpsize=infinity:\ :maxproc-cur=64:\ :openfiles-cur=64:\ :priority=0:\ :requirehome@:\ :umask=022:\ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message -- Brian O'Shea [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Log analysis program running under apache reboots server!
On 13-Nov-00 Brian O'Shea wrote: Nicole, Is it a panic, or does it just silently reboot? If it's a panic, what is the panic message, or any other message on the console when the system crashes? Also, can you get a crash dump? (see the dumpon(8) man page) -brian Silent reboot :( Nicole On Mon, Nov 13, 2000 at 10:58:39AM -0800, Nicole Harrington wrote: Greetings all.. I have been trying to test an apache log analizing program called Nettracker (.sane.com) the program seems nice except for the fact that it keeps rebooting/crashing the server. This would just be labeled crappy software except for the fact that I am running the software as user apache and have setup process limits in login.conf and it is still able to reboot the server. This seems like a real problem and security issue as I have setup limits in /etc/login.conf (see below) and the program is being run via CGI as user apache, yet it is still capable of rebooting the system. Seems like a nice hack to me. If anyone could check over my login.conf settings below and make sure they are correct/ truly usefull, I would really appreciate it! Also any information on how this program could so easily reboot the server would be nice too. Thanks!! Nicole System is 4.1-STABLE and has 256 Megs of memory and 4X that of swap. apacheuser:\ :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ :cputime=4h:\ :datasize=64M:\ :stacksize=4M:\ :filesize=infinity:\ :memoryuse=64M:\ :priority=0:\ :datasize-cur=32M:\ :stacksize-cur=32M:\ :coredumpsize-cur=0:\ :maxmemorysize-cur=64M:\ :memorylocked=32M:\ :maxproc=128:\ :openfiles=256:\ :tc=standard: ## standard - standard user defaults ## standard:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ :path=~/bin /bin /usr/bin /usr/local/bin:\ :manpath=/usr/share/man /usr/local/man:\ :nologin=/var/run/nologin:\ :cputime=1h30m:\ :datasize=8M:\ :stacksize=2M:\ :memorylocked=4M:\ :memoryuse=8M:\ :filesize=8M:\ :coredumpsize=8M:\ :openfiles=24:\ :maxproc=32:\ :priority=0:\ :requirehome:\ :passwordtime=90d:\ :umask=002:\ :ignoretime@:\ :tc=default: default:\ :cputime=infinity:\ :datasize-cur=22M:\ :stacksize-cur=8M:\ :memorylocked-cur=10M:\ :memoryuse-cur=30M:\ :filesize=infinity:\ :coredumpsize=infinity:\ :maxproc-cur=64:\ :openfiles-cur=64:\ :priority=0:\ :requirehome@:\ :umask=022:\ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message -- Brian O'Shea [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message [EMAIL PROTECTED] |\ __ /| (`\ http://www.unixgirl.com/ [EMAIL PROTECTED] | o_o |__ ) ) http://www.dangermouse.org/ [EMAIL PROTECTED] // \\http://www.deviantimages.com/ ---(((---(((- -- Powered by Coka-Cola and FreeBSD -- -- Strong as any man - made for a Woman -- -- "I drank WHAT ?!" - Socrates -- Hmm You seem better - "been giving myself shock treatments" Up the Voltage! - To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Log analysis program running under apache reboots server!
On 13-Nov-00 Nicole H wrote: On 13-Nov-00 Brian O'Shea wrote: Nicole, Is it a panic, or does it just silently reboot? If it's a panic, what is the panic message, or any other message on the console when the system crashes? Also, can you get a crash dump? (see the dumpon(8) man page) -brian Silent reboot :( I hate to respond to my own message.. But the server is remote.. But there is nothing in the logs afterwards.. and nothing appears on the screen when it occurs. Nicole Nicole On Mon, Nov 13, 2000 at 10:58:39AM -0800, Nicole Harrington wrote: Greetings all.. I have been trying to test an apache log analizing program called Nettracker (.sane.com) the program seems nice except for the fact that it keeps rebooting/crashing the server. This would just be labeled crappy software except for the fact that I am running the software as user apache and have setup process limits in login.conf and it is still able to reboot the server. This seems like a real problem and security issue as I have setup limits in /etc/login.conf (see below) and the program is being run via CGI as user apache, yet it is still capable of rebooting the system. Seems like a nice hack to me. If anyone could check over my login.conf settings below and make sure they are correct/ truly usefull, I would really appreciate it! Also any information on how this program could so easily reboot the server would be nice too. Thanks!! Nicole System is 4.1-STABLE and has 256 Megs of memory and 4X that of swap. apacheuser:\ :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ :cputime=4h:\ :datasize=64M:\ :stacksize=4M:\ :filesize=infinity:\ :memoryuse=64M:\ :priority=0:\ :datasize-cur=32M:\ :stacksize-cur=32M:\ :coredumpsize-cur=0:\ :maxmemorysize-cur=64M:\ :memorylocked=32M:\ :maxproc=128:\ :openfiles=256:\ :tc=standard: ## standard - standard user defaults ## standard:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ :path=~/bin /bin /usr/bin /usr/local/bin:\ :manpath=/usr/share/man /usr/local/man:\ :nologin=/var/run/nologin:\ :cputime=1h30m:\ :datasize=8M:\ :stacksize=2M:\ :memorylocked=4M:\ :memoryuse=8M:\ :filesize=8M:\ :coredumpsize=8M:\ :openfiles=24:\ :maxproc=32:\ :priority=0:\ :requirehome:\ :passwordtime=90d:\ :umask=002:\ :ignoretime@:\ :tc=default: default:\ :cputime=infinity:\ :datasize-cur=22M:\ :stacksize-cur=8M:\ :memorylocked-cur=10M:\ :memoryuse-cur=30M:\ :filesize=infinity:\ :coredumpsize=infinity:\ :maxproc-cur=64:\ :openfiles-cur=64:\ :priority=0:\ :requirehome@:\ :umask=022:\ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message -- Brian O'Shea [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message [EMAIL PROTECTED] |\ __ /| (`\ http://www.unixgirl.com/ [EMAIL PROTECTED] | o_o |__ ) ) http://www.dangermouse.org/ [EMAIL PROTECTED] // \\http://www.deviantimages.com/ ---(((---(((- -- Powered by Coka-Cola and FreeBSD -- -- Strong as any man - made for a Woman -- -- "I drank WHAT ?!" - Socrates -- Hmm You seem better - "been giving myself shock treatments" Up the Voltage! - To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message [EMAIL PROTECTED] |\ __ /| (`\ http://www.unixgirl.com/ [EMAIL PROTECTED] | o_o |__ ) ) http://www.dangermouse.org/ [EMAIL PROTECTED] // \\http://www.deviantimages.com/ ---(((---(((- -- Powered by Coka-Cola and FreeBSD -- -- Strong as any man - made for a Woman -- -- "I drank WHAT ?!" - Socrates -- Hmm You seem better - "been giving myself shock treatments" Up the Voltage! - To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Log analysis program running under apache reboots server!
Likely, you're getting a panic() and since you likely don't have debugging options, the machine eventually reboots itself. Notice that this is all "likely" and that since we don't have a crash dump, stack trace, or similar debugging information, that there's not much that can be done except guessing. I would suggest that you try to reproduce the problem on a local machine and get some debugging info. On Mon, 13 Nov 2000, Nicole wrote: Silent reboot :( I hate to respond to my own message.. But the server is remote.. But there is nothing in the logs afterwards.. and nothing appears on the screen when it occurs. Nicole [...] apacheuser:\ :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ :cputime=4h:\ :datasize=64M:\ :stacksize=4M:\ :filesize=infinity:\ :memoryuse=64M:\ :priority=0:\ :datasize-cur=32M:\ :stacksize-cur=32M:\ :coredumpsize-cur=0:\ :maxmemorysize-cur=64M:\ :memorylocked=32M:\ :maxproc=128:\ :openfiles=256:\ :tc=standard: ## standard - standard user defaults ## standard:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ :path=~/bin /bin /usr/bin /usr/local/bin:\ :manpath=/usr/share/man /usr/local/man:\ :nologin=/var/run/nologin:\ :cputime=1h30m:\ :datasize=8M:\ :stacksize=2M:\ :memorylocked=4M:\ :memoryuse=8M:\ :filesize=8M:\ :coredumpsize=8M:\ :openfiles=24:\ :maxproc=32:\ :priority=0:\ :requirehome:\ :passwordtime=90d:\ :umask=002:\ :ignoretime@:\ :tc=default: default:\ :cputime=infinity:\ :datasize-cur=22M:\ :stacksize-cur=8M:\ :memorylocked-cur=10M:\ :memoryuse-cur=30M:\ :filesize=infinity:\ :coredumpsize=infinity:\ :maxproc-cur=64:\ :openfiles-cur=64:\ :priority=0:\ :requirehome@:\ :umask=022:\ For starters, I don't see "sbsize" in there, although it doesn't sound like something that should be causing a panic() anymore anyway. Please provide more debugging infos. Thanks, Bosko Milekic [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Log analysis program running under apache reboots server!
On Mon, Nov 13, 2000 at 11:56:37AM -0700, Nicole H wrote: On 13-Nov-00 Brian O'Shea wrote: Nicole, Is it a panic, or does it just silently reboot? If it's a panic, what is the panic message, or any other message on the console when the system crashes? Also, can you get a crash dump? (see the dumpon(8) man page) -brian Silent reboot :( Be sure the machine is setup to capture a crashdump on panic. I had a machine that was doing this, and wehn I got it to do proper crashdumps, I got a good lead on the problem. in my case, I set aside a raw partition, and setup this in rc.conf: dumpdev="/dev/rda2s1h" # Device name to crashdump to (if enabled). Then I symlinked /var/crash to someplace else, because my /var wasn't too big. Good Luck. -- Robert Sexton - [EMAIL PROTECTED], Cincinnati OH, USA The individual choice of garnishment of a burger can be an important point to the consumer in this day when individualism is an increasingly important thing to people. -- Donald N. Smith, president of Burger King To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Log analysis program running under apache reboots server!
On Mon, Nov 13, 2000 at 11:56:37AM -0700, Nicole H wrote: On 13-Nov-00 Brian O'Shea wrote: Nicole, Is it a panic, or does it just silently reboot? If it's a panic, what is the panic message, or any other message on the console when the system crashes? Also, can you get a crash dump? (see the dumpon(8) man page) -brian Silent reboot :( Are you logged in on a network terminal via ssh or telnet or the like, or on a serial console via a terminal server? The panic message will only appear on the console, so unless it's the latter, it will be hard to determine the cause of the problem. There are good instructions on how to get debugging information for kernel crashes here: http://www.freebsd.org/handbook/kerneldebug.html -brian -- Brian O'Shea [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message