Re: sysutils/lsof stopped working for non-root user
So is this expected and intended consequence, bug or still unfinished part of the project? Just curious (it runs on FreeBSD-current, latest CentOS, NetBSD-8). On Wed, 26 Sep 2018 at 17:33, Christos Zoulas wrote: > > In article > , > Chavdar Ivanov wrote: > >-=-=-=-=-=- > > > >Hi, > > > >On amd64 -current from yesterday the latest lsof returns immediately if > >invoked by non-root user. I am sure it worked a few weeks ago. It works ok > >for the root. > > > >ktruss /usr/pkg/sbin/lsof > > > >returns only: > > > >fcntl(0x4, 0x3, 0)= 4194305 > >emul(netbsd) > >fcntl(0x4, 0x4, 0x41) = 0 > > > >Seeing it is installed setgid kmem, I added myself to the group, no effect. > > > >lsof was rebuilt once more just in case. > > > >Is this some new security measure or a fallout? > > I think this is part of maxv@ changes to hide pointers from userland. > > christos > --
Re: sysutils/lsof stopped working for non-root user
I'm not subscribed to current-users@, but Martin forwarded me the mail, so I'm forwarding my answer. So is this expected and intended consequence, bug or still unfinished part of the project? Just curious (it runs on FreeBSD-current, latest CentOS, NetBSD-8). It's an undesirable consequence of the fact that we don't leak kernel pointers to everyone anymore, you now need to be root. FreeBSD still leaks things, so lsof works on it. OpenBSD does not, and I doubt it works there. Of course, it would be good to fix it. Message transféré Sujet : Re: [ci4...@gmail.com: sysutils/lsof stopped working for non-root user] Date : Tue, 25 Sep 2018 14:16:03 +0200 De : Maxime Villard Pour : Martin Husemann Le 25/09/2018 à 13:19, Martin Husemann a écrit : Sounds like your kernel pointer changes? I've checked, and indeed, lsof retrieves kern.proc2 via KVM, and expects to read kernel memory via p_fd. It doesn't look like there is any solution, apart from opening a new sysctl, that would allow to retrieve the file name without reading kernel memory. But basically programs like lsof are not to be trusted -- I think it is even wrong to give them kmem rights. As far as I can tell, OpenBSD has the same problem, because they too clear kernel pointers, so I don't see how lsof could work there.
Re: sysutils/lsof stopped working for non-root user
On Sep 27, 8:51am, ci4...@gmail.com (Chavdar Ivanov) wrote: -- Subject: Re: sysutils/lsof stopped working for non-root user | So is this expected and intended consequence, bug or still unfinished | part of the project? Just curious (it runs on FreeBSD-current, latest | CentOS, NetBSD-8). I think it is unexpected, but maybe intended. I need to examine why it fails. christos
Re: sysutils/lsof stopped working for non-root user
On Sep 27, 2:56pm, Christos Zoulas wrote: } On Sep 27, 8:51am, ci4...@gmail.com (Chavdar Ivanov) wrote: } } | So is this expected and intended consequence, bug or still unfinished } | part of the project? Just curious (it runs on FreeBSD-current, latest } | CentOS, NetBSD-8). } } I think it is unexpected, but maybe intended. I need to examine why it fails. lsof is known to be a kvm groveller. Does fstat, which comes as part of the NetBSD base install, work? }-- End of excerpt from Christos Zoulas
daily CVS update output
Updating src tree: P src/crypto/external/bsd/openssl/lib/libcrypto/Makefile P src/doc/RESPONSIBLE P src/lib/libcurses/curses_private.h P src/lib/libcurses/get_wch.c P src/lib/libcurses/getch.c P src/share/man/man8/MAKEDEV.8 P src/sys/arch/sgimips/dev/int.c P src/sys/arch/sgimips/include/intr.h P src/sys/arch/x86/include/dbregs.h P src/sys/arch/x86/pci/amdtemp.c P src/sys/arch/x86/x86/dbregs.c P src/sys/dev/pci/pci_subr.c P src/sys/dev/pci/pcireg.h P src/sys/dev/pci/ixgbe/ixgbe.c P src/sys/dev/pci/ixgbe/ixv.c Updating xsrc tree: Killing core files: Updating file list: -rw-rw-r-- 1 srcmastr netbsd 56961225 Sep 28 03:04 ls-lRA.gz