* Problems with procfs
@ 2011-05-10 9:26 Marco Weber
2011-05-11 16:22 ` Valdis.Kletnieks
0 siblings, 1 reply; 2+ messages in thread
From: Marco Weber @ 2011-05-10 9:26 UTC (permalink / raw)
To: linux-kernel
Hi,
I don't know wether i'm right on this list or not, but i didn't know
where i can find some answers to my problem with procfs.
I'm administrating approx. 60 linux machines (all of them ubuntu 8.04 or
10.04 LTS). All of them are dedicated servers.
On 2 machines (both ubuntu 10.04 LTS of www.OVH.fr), i've discovered
some strange filesystem permissions of the /proc directory.
The machine m88 got newly installed with a fresh image by OVH:
root@m88:~# ls -al /proc/
total 4
dr-xr-xr-x 117 root root 0 2011-05-09 20:49 .
drwxr-xr-x 22 root root 4096 2011-05-09 20:42 ..
dr-x------ 6 root root 0 2011-05-09 20:50 1
dr-x------ 6 root root 0 2011-05-09 20:50 10
dr-x------ 6 root root 0 2011-05-09 20:50 11
dr-x------ 6 root root 0 2011-05-09 20:50 12
dr-x------ 6 root root 0 2011-05-09 20:50 13
dr-x------ 6 root root 0 2011-05-09 20:50 1359
[...]
As you see the directory has 500 permissions. ( On all other machines
the /proc has 555 permissions. )
This leads to the strange behavior, that a non-root user cannot see all
proccesses running:
root@m88:~# su - marco
marco@m88:~$ ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
marco 15773 0.0 0.0 37096 1408 pts/0 S 10:58 0:00 su - marco
marco 15774 5.5 0.0 24180 6876 pts/0 S 10:58 0:00 -su
marco 15799 0.0 0.0 15296 1216 pts/0 R+ 10:58 0:00 ps aux
marco@m88:~$
This is the kernel that is running:
root@m88:~# uname -a
Linux m88 2.6.38.2-grsec-xxxx-grs-ipv6-64 #1 SMP Fri Apr 15 17:44:15 UTC
2011 x86_64 GNU/Linux
And there is something else, that is strange:
root@m88:~# lsmod
Opening /proc/modules: No such file or directory
Does anyone have any idea why this is happening?
Is there maybe a sysctl setting, where i can change the /proc permissions?
Thanks in advance for any reply,
Marco
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Problems with procfs
2011-05-10 9:26 Problems with procfs Marco Weber
@ 2011-05-11 16:22 ` Valdis.Kletnieks
0 siblings, 0 replies; 2+ messages in thread
From: Valdis.Kletnieks @ 2011-05-11 16:22 UTC (permalink / raw)
To: Marco Weber; +Cc: linux-kernel
[-- Attachment #1: Type: text/plain, Size: 402 bytes --]
On Tue, 10 May 2011 11:26:43 +0200, Marco Weber said:
> As you see the directory has 500 permissions. ( On all other machines
> the /proc has 555 permissions. )
> This is the kernel that is running:
> root@m88:~# uname -a
> Linux m88 2.6.38.2-grsec-xxxx-grs-ipv6-64 #1 SMP Fri Apr 15 17:44:15 UTC
Aha. "grsec".
You run a kernel with grsecurity compiled in, this sort of stuff happens by design.
[-- Attachment #2: Type: application/pgp-signature, Size: 227 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-05-11 16:23 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-10 9:26 Problems with procfs Marco Weber
2011-05-11 16:22 ` Valdis.Kletnieks
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox