1. 技术文章
  2. regular user can't read /proc/net/dev

regular user can't read /proc/net/dev

别说谁变了你拦得住时间么 提交于 2019-12-13 13:20:17

问题


I'm pretty sure that I'm missing something here, but I'm not sure exactly what:

This is what root can see:

root@opteron16:/# ls -l | grep proc
dr-xr-xr-x 290 root root     0 2012-01-14 02:03 proc
root@opteron16:/# ls -l proc | grep net
lrwxrwxrwx  1 root       root        8 2012-01-21 03:29 net -> self/net
root@opteron16:/# ls -l proc/net/ | grep dev
-r--r--r-- 1 root root 0 2012-01-14 02:05 dev

This is the ganglia user:

root@opteron16:/# cat /etc/passwd | grep ganglia
ganglia:x:111:119:Ganglia Monitor:/var/lib/ganglia:/bin/false

When I try to access /proc/net/dev with this user:

root@opteron16:/# su -s /bin/bash ganglia
ganglia@opteron16:/$ ls -l /proc | grep net
lrwxrwxrwx  1 root    root     8 2012-01-21 19:49 net -> self/net
ganglia@opteron16:/$ ls -l /proc/net/
ls: reading directory /proc/net/: Invalid argument
total 0
ganglia@opteron16:/$ cat /proc/net/dev
cat: /proc/net/dev: No such file or directory

Would be great to not feel this stupid : ).

Edit

This is something which I've noticed and I've never seen such a behaviour before:

root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx  1 root       root       64 2012-01-22 00:01 self -> 29095
root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx  1 root       root       64 2012-01-22 00:01 self -> 29097
root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx  1 root       root       64 2012-01-22 00:01 self -> 29099

回答1:


Most likely, this is due to your kernel that has been compiled with grsec. i.e.

$ uname -a
Linux xxxx 3.2.13-grsec-xxxx-grs-ipv6-64 #1 SMP Thu Mar 29 09:48:59 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

I have seen this happen on servers hosted by ovh since this is the default kernel they install for you to enable netboot through their admin tools.

To summarize, you can do one of:

  1. run your program as root (+1 for security ovh !)
  2. install the default ubuntu kernel on this box
  3. scream for a while (my favorite)



回答2:


I can't replicate this on my ubuntu

Maybe your system has some kind of chroot'd shells?

Does cat /proc/self/net/dev work for your "ganglia" user?



来源:https://stackoverflow.com/questions/8955724/regular-user-cant-read-proc-net-dev

标签
Ubuntu
permissions
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!