Bruce Dubbs wrote: > Armin K. wrote: >> On 01/13/2014 06:39 PM, Bruce Dubbs wrote: >>> Ken Moffat wrote: >>>> On Sun, Jan 12, 2014 at 09:02:47PM -0600, Bruce Dubbs wrote: >>>>> akhiezer wrote: >>>>>>> Date: Sun, 12 Jan 2014 17:05:27 -0600 >>>>>>> From: Bruce Dubbs <bruce.du...@gmail.com> >>>>>>> To: BLFS Development List <blfs-dev@linuxfromscratch.org> >>>>>>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add >>>>>>> package: lsof_4.87 >>>>>>> >>>> >>>>>>> Some of the things it does requires root, even when run as a >>>>>>> non-privileged user. >>>>>>> >>>>>> >>>>>> >>>>>> Eeek. I'll keep it non-setuid, tyvm. >>>>> >>>>> LOL. Your distro... >>>>> >>>>> -- Bruce >>>> >>>> Does it work when installed suid (on x86_64) ? I used to build it, >>>> but stopped doing that several years ago. Partly, the weird >>>> packaging, and test failures, if I recall correctly, caused me to >>>> discount it. But I also think that on the rare occasions I tried to >>>> use it (mostly development-kernel problems, probably also when I've >>>> had problems in the nfs area) it was less than useful. That was >>>> with it installed non-suid. >>> >>> lsof needs to read: >>> >>> crw-r----- 1 root kmem 1, 2 Jul 26 19:14 /dev/kmem >>> >>> That's at least one reason for the suid bit. >>> >>> -- Bruce >>> >>> >>> >> >> Since you decided to put it in /sbin which isn't and shouldn't be in >> normal user path, it should be only run as root because of that. >> >> On the other hand, I can perfectly run it as normal user. It might just >> print a warning though, it isn't anything critical if it can't open >> /dev/kmem. That shouldn't be something user should be able to read >> anyways. > > I didn't decide, I suggested. Fernando is doing the page. > > If it prints a warning, it still runs, but what information is it > omitting from the output? I don't know without digging, but the > developer does recommend install using suid. > > If we do set the program suid, perhaps /bin would be better. For my > system, I do have /sbin in my path as a regular user, but that's > basically for development purposes.
After a little bit of reading and experimenting, I now think that lsof should be in /bin but without the suid bit set. I don't get a message about /dev/kmem, but do get a lot of lines with 'Permission Denied' as a regular user. That's probably for the best. lsof could be useful to an admin without /usr mounted, and also useful for a programmer as a regular user. That user would have to filter the 'Permission Denied', but that's probably as it should be. The documentation still recommend suid for linux, but that may be a very old recommendation. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
