R1Soft CDP 3.0 with Atomic Secured Linux and PAX

If you want to run R1Soft CDP 3.0 on a system protected by Atomic Secured Linux and the ASL enhanced kernel with PaX/grsecurity then you need to disable memory protection for the CDP 3.0 binary. You do this by using paxctl to set the NOMPROTECT flag for the CDP 3.0 binary.

/sbin/paxctl -m /usr/sbin/r1soft/bin/2-6/cdp-2-6

Unfortunately the CDP 3.0 binary lacks the PT_PAX_FLAGS header, so you will receive an error message along the lines of:

file /usr/sbin/r1soft/bin/2-6/cdp-2-6 does not have a PT_PAX_FLAGS program header, try conversion

The solution to this is to first use paxctl to run a conversion on the CDP 3.0 binary which should change the PT_GNU_STACK header to PT_PAX_FLAGS

/sbin/paxctl -c /usr/sbin/r1soft/bin/2-6/cdp-2-6

If this has worked then you should see a message along the lines of

file /usr/sbin/r1soft/bin/2-6/cdp-2-6 had a PT_GNU_STACK program header, converted

Now you should be able to use paxctl to set the NOMPROTECT flag on the CDP 3.0 binary without any errors. Now restart the R1Soft CDP 3.0 agent service and have fun backing up all your previous data 🙂

Categories:R1Soft CDP

Tags:ASL Atomic Secured Linux CDP CDP Advanced Edition CDP Enterprise Edition CDP Standard Edition CDP3 CDP3.0 PAX R1Soft R1Soft CDP

R1Soft CDP / Red Hat and CentOS / Zimbra

Spheron1

R1Soft CDP 3.0 with Atomic Secured Linux and PAX

Leave a Reply Cancel reply

Share

Related Posts

R1Soft CDP scheduler issues

Remove CDP 2.0 cPanel integration

R1Soft CDP 3.0 and commercial SSL certificates

R1Soft CDP 3.0 – java.net.InetAddress.getLocalHost UnknownHostException

Parallels Plesk and Atomic Secured Linux

DomU kernel panic under Xen with R1Soft CDP agent

Leave a Reply Cancel reply