Need advice re: checking permissions !?
Hi; Don't waste time on explaining how permissions work. I have got that right down to the kernel level. I have a program that I suspect has a permissions bug. I have checked dmesg and nothing is said about a permissions problem. Can I count on dmesg ALWAYS being right. Or, is there another way to double check if a program is getting hung up on an incorrect permission for a process and what process it might be. -- Regards Bill Fedora 10, Gnome 2.24.3 Evo.2.24.5, Emacs 22.3.1 -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Need advice re: checking permissions !?
William Case wrote:
Hi;
Don't waste time on explaining how permissions work. I have got that
right down to the kernel level.
I have a program that I suspect has a permissions bug. I have checked
dmesg and nothing is said about a permissions problem. Can I count on
dmesg ALWAYS being right. Or, is there another way to double check if a
program is getting hung up on an incorrect permission for a process and
what process it might be.
First off, any given program may not report errors. Error reporting is
up to the programmer (I'd sack any programmer working for me that
didn't do error reporting, but that's just me). Example:
int fd;
fd = open("/etc/fradleybard.conf", O_RDONLY);
if (fd < 0)
fprintf(stderr, "Can't open fradleybard.conf\n");
exit(1);
The "if (fd < 0)" and such is completely up to me. If I didn't include
it, you'd have no idea what went wrong and it wouldn't be in dmesg or
/var/log/messages. If it were an SELinux constraint violation, it might
show up in an SELinux audit log. Did you check audit.log for SELinux
issues? Also note that running in SELinux permissive mode is NOT the
same as running in SELinux disabled mode--there are some things that are
still blocked even in permissive mode. Not a lot, but some.
You might want to see if the program in question has a debug mode or
debug level you can set to make it more verbose about what it's doing.
If the process is hung up, try using "lsof" to get a list of the files
that process is opening and accessing.
lsof -pOR
lsof -c /regular-expresssion-matching-command-name/
(e.g. "lsof -c /gnome.*/" would list all files opened by all commands
starting with "gnome"). Tack on a "-r n" to repeat the list every "n"
seconds until you CTRL-C the lsof process.
"strace"ing the program in question may also give you a clue as to what
the problem is.
--
- Rick Stevens, Systems Engineer ri...@nerd.com -
- AIM/Skype: therps2ICQ: 22643734Yahoo: origrps2 -
--
- To understand recursion, you must first understand recursion.-
--
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Need advice re: checking permissions !?
Hi Rick and thanks;
On Fri, 2009-05-15 at 11:24 -0700, Rick Stevens wrote:
> William Case wrote:
> > Hi;
> >
> > Don't waste time on explaining how permissions work. I have got that
> > right down to the kernel level.
> >
> > I have a program that I suspect has a permissions bug. I have checked
> > dmesg and nothing is said about a permissions problem. Can I count on
> > dmesg ALWAYS being right. Or, is there another way to double check if a
> > program is getting hung up on an incorrect permission for a process and
> > what process it might be.
>
> First off, any given program may not report errors. Error reporting is
> up to the programmer (I'd sack any programmer working for me that
> didn't do error reporting, but that's just me). Example:
>
> int fd;
> fd = open("/etc/fradleybard.conf", O_RDONLY);
> if (fd < 0)
> fprintf(stderr, "Can't open fradleybard.conf\n");
> exit(1);
>
> The "if (fd < 0)" and such is completely up to me. If I didn't include
> it, you'd have no idea what went wrong and it wouldn't be in dmesg or
> /var/log/messages. If it were an SELinux constraint violation, it might
> show up in an SELinux audit log. Did you check audit.log for SELinux
> issues? Also note that running in SELinux permissive mode is NOT the
> same as running in SELinux disabled mode--there are some things that are
> still blocked even in permissive mode. Not a lot, but some.
>
> You might want to see if the program in question has a debug mode or
> debug level you can set to make it more verbose about what it's doing.
>
> If the process is hung up, try using "lsof" to get a list of the files
> that process is opening and accessing.
>
> lsof -pOR
> lsof -c /regular-expresssion-matching-command-name/
>
> (e.g. "lsof -c /gnome.*/" would list all files opened by all commands
> starting with "gnome"). Tack on a "-r n" to repeat the list every "n"
> seconds until you CTRL-C the lsof process.
>
> "strace"ing the program in question may also give you a clue as to what
> the problem is.
You have given me a lot to work with not the least of which is the
proper terminology to dig deeper if I have to.
--
Regards Bill
Fedora 10, Gnome 2.24.3
Evo.2.24.5, Emacs 22.3.1
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Need advice re: checking permissions !?
2009/5/15 William Case : > Hi; > > Don't waste time on explaining how permissions work. I have got that > right down to the kernel level. > > I have a program that I suspect has a permissions bug. I have checked > dmesg and nothing is said about a permissions problem. Can I count on > dmesg ALWAYS being right. Or, is there another way to double check if a > program is getting hung up on an incorrect permission for a process and What kind of permissions are you talking about? I assume you are referring to file permissions. Given that, I don't understand why you are looking to dmesg. Assuming I'm interpreting your question correctly, to know exactly what it's happening I would use 'strace'. Bye -- Giuseppe Fuggiano Linux user #483710 -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: Need advice re: checking permissions !?
William Case wrote: > I have a program that I suspect has a permissions bug. It could be an SELinux-related problem. Kevin Kofler -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
