Date: Wed, 05 Nov 2003 11:58:21 +1030 From: Kim Needham <kim.needham@rocksoft.com> To: "Robert Collins" <rcollins@hwi.buffalo.edu> Cc: freebsd-security@freebsd.org Subject: Re: Veractiy and FreeBSD Message-ID: <5.2.0.9.0.20031105114806.00b34b98@mail.chariot.net.au> In-Reply-To: <4529.141.149.242.190.1067993236.squirrel@mail.hwi.buffalo. edu> References: <20031104180932.GA70958@rot13.obsecurity.org> <001901c3a2de$7ab72c10$6855cd80@dhcp.hwi.buffalo.edu> <20031104180932.GA70958@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is caused by a check that determines if the /proc filesystem is on the same device as the file being read to prevent reading in files of infinite length. Since FreeBSD 5.x seems to no longer use a mounted proc filesystem but proc is mounted on the root device, this check will need to be removed for FreeBSD 5.x. In theory you could remove the /proc directory though I have no idea what bad effects that will have, especially if you are using anything that runs in compatibility mode. (Someone more up to date with the changes to FreeBSD 5.x could inform you as to the problems this may cause) Otherwise we will have a new version shortly that will have this problem corrected. Kim Needham (kim.needham@rocksoft.com) Network Engineer, Rocksoft Limited. Ph: +61 8 8232 6262 Fax: +61 8 8232 6264 http://www.rocksoft.com/ Protect your files with Veracity data integrity: http://www.veracity.com/ > > On Tue, Nov 04, 2003 at 09:18:12AM -0500, Robert Collins wrote: > >> I'm trying to get veracity (http://www.rocksoft.com/veracity/), a > >> tripwire > >> replacement, working on FreeBSD 5.x. When I try and create a snapshot I > >> get > >> the following error for files sitting on my root partition: > >> > >> -- snip snip -- > >> > >> csh.logout > >> E: Error opening binary (B) stream of file > >> "/etc/csh.logout". > >> (OS error message="File is on the procfs (/proc) device."). > >> E: Could not obtain attribute B.md5 for this file. > >> > >> -- snip snip -- > >> > >> I've tried taking both PROCFS and PSEUDOFS out of the kernel, to no > >> avail. > >> Anyone have any other ideas? > > > > Talk to the authors? > > > >Kris, > >The last line of my e-mail was originally "Anyone have any other ideas >before I go back to trying to contact their non-existant technical >support?" But I figured I would be nice. :) > >I spoke to someone from rocksoft, but it's a long uninformative story. > >Thanks for the idea though. >-rcollins >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.2.0.9.0.20031105114806.00b34b98>