I'm not subscribed to current-users@, but Martin forwarded me the mail, so I'm forwarding my answer.
So is this expected and intended consequence, bug or still unfinished part of the project? Just curious (it runs on FreeBSD-current, latest CentOS, NetBSD-8).
It's an undesirable consequence of the fact that we don't leak kernel pointers to everyone anymore, you now need to be root. FreeBSD still leaks things, so lsof works on it. OpenBSD does not, and I doubt it works there. Of course, it would be good to fix it. -------- Message transféré -------- Sujet : Re: [[email protected]: sysutils/lsof stopped working for non-root user] Date : Tue, 25 Sep 2018 14:16:03 +0200 De : Maxime Villard <[email protected]> Pour : Martin Husemann <[email protected]> Le 25/09/2018 à 13:19, Martin Husemann a écrit :
Sounds like your kernel pointer changes?
I've checked, and indeed, lsof retrieves kern.proc2 via KVM, and expects to read kernel memory via p_fd. It doesn't look like there is any solution, apart from opening a new sysctl, that would allow to retrieve the file name without reading kernel memory. But basically programs like lsof are not to be trusted -- I think it is even wrong to give them kmem rights. As far as I can tell, OpenBSD has the same problem, because they too clear kernel pointers, so I don't see how lsof could work there.
