Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-12 Thread Armin K.
On 12.1.2014 21:12, BLFS Trac wrote:
> #4556: Add package: lsof_4.87
> +---
>   Reporter:  fo  |   Owner:  fo
>   Type:  task|  Status:  assigned
>   Priority:  normal  |   Milestone:  current
> Component:  BOOK| Version:  SVN
>   Severity:  normal  |  Resolution:
>   Keywords:  |
> +---
>
> Comment (by bdubbs@…):
>
>   This one is a little unusual:
>
>   {{{
>   tar -xf lsof_4.87.tar.bz2
>   cd lsof_4.87
>   tar -xf lsof_4.87_src
>   cd lsof_4.87_src
>   yes n |./Configure linux
>   make CFGL="-L./lib -ltirpc"
>
>   pushd tests
>   make
>   popd
>   }}}
>
>   The install is manual.  I recommend something like:
>
>   {{{
>   groupadd -g 63 lsof
>   install -4750 -o root -g lsof lsof /lib
>   install lsof.8 /usr/share/man/man.8
>   }}}
>

Why do you install in /lib and why do you need a seperate group? I 
installed it in /usr/bin and haven't added any group, nor has any other 
linux distribution I looked for the instructions for it.
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-12 Thread Bruce Dubbs
Armin K. wrote:
> On 12.1.2014 21:12, BLFS Trac wrote:
>> #4556: Add package: lsof_4.87

>>The install is manual.  I recommend something like:
>>
>>{{{
>>groupadd -g 63 lsof
>>install -4750 -o root -g lsof lsof /lib
>>install lsof.8 /usr/share/man/man.8
>>}}}
>>
>
> Why do you install in /lib and why do you need a seperate group? I
> installed it in /usr/bin and haven't added any group, nor has any other
> linux distribution I looked for the instructions for it.

Well, /lib was obviously wrong.  I was thinking /sbin.  In any case, I 
think it might be useful in a situation where /usr is not available. 
It's probably not critical though.   It was just a suggestion.

The separate group may be overkill.  I'm OK without it.

   -- Bruce



-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-12 Thread Fernando de Oliveira
Em 12-01-2014 18:06, Bruce Dubbs escreveu:
> Armin K. wrote:
>> On 12.1.2014 21:12, BLFS Trac wrote:
>>> #4556: Add package: lsof_4.87
> 
>>>The install is manual.  I recommend something like:
>>>
>>>{{{
>>>groupadd -g 63 lsof
>>>install -4750 -o root -g lsof lsof /lib
>>>install lsof.8 /usr/share/man/man.8
>>>}}}
>>>
>>
>> Why do you install in /lib and why do you need a seperate group? I
>> installed it in /usr/bin and haven't added any group, nor has any other
>> linux distribution I looked for the instructions for it.
> 
> Well, /lib was obviously wrong.  I was thinking /sbin.  In any case, I 
> think it might be useful in a situation where /usr is not available. 
> It's probably not critical though.   It was just a suggestion.
> 
> The separate group may be overkill.  I'm OK without it.
> 
>-- Bruce


Bruce, thank you very much for the instructions, Armin, thank you very
much for the corrections.

I will try to build it tomorrow.

Can any of you imagine a situation where the system is running, but a
problem occurred and to debug lsof would help? This would make it useful
in /lib.


-- 
[]s,
Fernando
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-12 Thread Fernando de Oliveira
Em 12-01-2014 19:19, Fernando de Oliveira escreveu:
> Em 12-01-2014 18:06, Bruce Dubbs escreveu:
>> Armin K. wrote:
>>> On 12.1.2014 21:12, BLFS Trac wrote:
 #4556: Add package: lsof_4.87
>>
The install is manual.  I recommend something like:

{{{
groupadd -g 63 lsof
install -4750 -o root -g lsof lsof /lib
install lsof.8 /usr/share/man/man.8
}}}

>>>
>>> Why do you install in /lib and why do you need a seperate group? I
>>> installed it in /usr/bin and haven't added any group, nor has any other
>>> linux distribution I looked for the instructions for it.
>>
>> Well, /lib was obviously wrong.  I was thinking /sbin.  In any case, I 
>> think it might be useful in a situation where /usr is not available. 
>> It's probably not critical though.   It was just a suggestion.
>>
>> The separate group may be overkill.  I'm OK without it.
>>
>>-- Bruce
> 
> 
> Bruce, thank you very much for the instructions, Armin, thank you very
> much for the corrections.
> 
> I will try to build it tomorrow.
> 
> Can any of you imagine a situation where the system is running, but a
> problem occurred and to debug lsof would help? This would make it useful
> in /lib.
> 
> 

Just found another thread, duplicated (lfs and blfs support), about this
package, where Armin and William Harrington help JouVash:

http://www.mailinglistarchive.com/html/blfs-supp...@linuxfromscratch.org/2013-04/msg00088.html

http://www.mailinglistarchive.com/html/lfs-supp...@linuxfromscratch.org/2013-04/msg00147.html

-- 
[]s,
Fernando
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-12 Thread akhiezer
> Date: Sun, 12 Jan 2014 21:20:36 +0100
> From: "Armin K." 
> To: BLFS Development List 
> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
>
> On 12.1.2014 21:12, BLFS Trac wrote:
> > #4556: Add package: lsof_4.87
> > +---
> >   Reporter:  fo  |   Owner:  fo
> >   Type:  task|  Status:  assigned
> >   Priority:  normal  |   Milestone:  current
> > Component:  BOOK| Version:  SVN
> >   Severity:  normal  |  Resolution:
> >   Keywords:  |
> > +---
> >
> > Comment (by bdubbs@???):
> >
> >   This one is a little unusual:
> >
> >   {{{
> >   tar -xf lsof_4.87.tar.bz2
> >   cd lsof_4.87
> >   tar -xf lsof_4.87_src
> >   cd lsof_4.87_src
> >   yes n |./Configure linux


'echo n' ?


> >   make CFGL="-L./lib -ltirpc"
> >
> >   pushd tests
> >   make
> >   popd
> >   }}}
> >
> >   The install is manual.  I recommend something like:
> >
> >   {{{
> >   groupadd -g 63 lsof
> >   install -4750 -o root -g lsof lsof /lib


0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ?



rgds,
akh


> >   install lsof.8 /usr/share/man/man.8
> >   }}}
> >
>
> Why do you install in /lib and why do you need a seperate group? I 
> installed it in /usr/bin and haven't added any group, nor has any other 
> linux distribution I looked for the instructions for it.
> -- 
>


--
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-12 Thread Bruce Dubbs
akhiezer wrote:
>> Date: Sun, 12 Jan 2014 21:20:36 +0100
>> From: "Armin K." 
>> To: BLFS Development List 
>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
>>
>> On 12.1.2014 21:12, BLFS Trac wrote:
>>> #4556: Add package: lsof_4.87
>>> +---
>>>Reporter:  fo  |   Owner:  fo
>>>Type:  task|  Status:  assigned
>>>Priority:  normal  |   Milestone:  current
>>> Component:  BOOK| Version:  SVN
>>>Severity:  normal  |  Resolution:
>>>Keywords:  |
>>> +---
>>>
>>> Comment (by bdubbs@???):
>>>
>>>This one is a little unusual:
>>>
>>>{{{
>>>tar -xf lsof_4.87.tar.bz2
>>>cd lsof_4.87
>>>tar -xf lsof_4.87_src
>>>cd lsof_4.87_src
>>>yes n |./Configure linux
>
>
> 'echo n' ?

No, it asks two questions.


>>>make CFGL="-L./lib -ltirpc"
>>>
>>>pushd tests
>>>make
>>>popd
>>>}}}
>>>
>>>The install is manual.  I recommend something like:
>>>
>>>{{{
>>>groupadd -g 63 lsof
>>>install -4750 -o root -g lsof lsof /lib
>
>
> 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ?

Some of the things it does requires root, even when run as a 
non-privileged user.

   -- Bruce

-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-12 Thread akhiezer
> Date: Sun, 12 Jan 2014 17:05:27 -0600
> From: Bruce Dubbs 
> To: BLFS Development List 
> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
>
> akhiezer wrote:
> >> Date: Sun, 12 Jan 2014 21:20:36 +0100
> >> From: "Armin K." 
> >> To: BLFS Development List 
> >> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: 
> >> lsof_4.87
> >>
> >> On 12.1.2014 21:12, BLFS Trac wrote:
> >>> #4556: Add package: lsof_4.87
> >>> +---
> >>>Reporter:  fo  |   Owner:  fo
> >>>Type:  task|  Status:  assigned
> >>>Priority:  normal  |   Milestone:  current
> >>> Component:  BOOK| Version:  SVN
> >>>Severity:  normal  |  Resolution:
> >>>Keywords:  |
> >>> +---
> >>>
> >>> Comment (by bdubbs@???):
> >>>
> >>>This one is a little unusual:
> >>>
> >>>{{{
> >>>tar -xf lsof_4.87.tar.bz2
> >>>cd lsof_4.87
> >>>tar -xf lsof_4.87_src
> >>>cd lsof_4.87_src
> >>>yes n |./Configure linux
> >
> >
> > 'echo n' ?
>
> No, it asks two questions.
>


Yes, and? So the first question gets 'n' and the second question gets default 
and you get the inventory part done.


>
> >>>make CFGL="-L./lib -ltirpc"
> >>>
> >>>pushd tests
> >>>make
> >>>popd
> >>>}}}
> >>>
> >>>The install is manual.  I recommend something like:
> >>>
> >>>{{{
> >>>groupadd -g 63 lsof
> >>>install -4750 -o root -g lsof lsof /lib
> >
> >
> > 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ?
>
> Some of the things it does requires root, even when run as a 
> non-privileged user.
>


Eeek. I'll keep it non-setuid, tyvm.



akh



>-- Bruce
>
> -- 
>


--
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-12 Thread Bruce Dubbs
akhiezer wrote:
>> Date: Sun, 12 Jan 2014 17:05:27 -0600
>> From: Bruce Dubbs 
>> To: BLFS Development List 
>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
>>
>> akhiezer wrote:
>>>> Date: Sun, 12 Jan 2014 21:20:36 +0100
>>>> From: "Armin K." 
>>>> To: BLFS Development List 
>>>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: 
>>>> lsof_4.87
>>>>
>>>> On 12.1.2014 21:12, BLFS Trac wrote:
>>>>> #4556: Add package: lsof_4.87
>>>>> +---
>>>>> Reporter:  fo  |   Owner:  fo
>>>>> Type:  task|  Status:  assigned
>>>>> Priority:  normal  |   Milestone:  current
>>>>> Component:  BOOK| Version:  SVN
>>>>> Severity:  normal  |  Resolution:
>>>>> Keywords:  |
>>>>> +---
>>>>>
>>>>> Comment (by bdubbs@???):
>>>>>
>>>>> This one is a little unusual:
>>>>>
>>>>> {{{
>>>>> tar -xf lsof_4.87.tar.bz2
>>>>> cd lsof_4.87
>>>>> tar -xf lsof_4.87_src
>>>>> cd lsof_4.87_src
>>>>> yes n |./Configure linux
>>>
>>>
>>> 'echo n' ?
>>
>> No, it asks two questions.
>
> Yes, and? So the first question gets 'n' and the second question gets default
> and you get the inventory part done.

How do you get he CR for the 2nd question into a script?

>>> 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ?
>>
>> Some of the things it does requires root, even when run as a
>> non-privileged user.
>>
>
>
> Eeek. I'll keep it non-setuid, tyvm.

LOL.  Your distro...

   -- Bruce
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-13 Thread akhiezer
> From blfs-dev-boun...@linuxfromscratch.org Mon Jan 13 02:55:59 2014
> Date: Sun, 12 Jan 2014 21:02:47 -0600
> From: Bruce Dubbs 
> To: BLFS Development List 
> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
>
.
.
> >>>>> yes n |./Configure linux
> >>>
> >>>
> >>> 'echo n' ?
> >>
> >> No, it asks two questions.
> >
> > Yes, and? So the first question gets 'n' and the second question gets 
> > default
> > and you get the inventory part done.


s/done/not done (in each case)/


>
> How do you get he CR for the 2nd question into a script?
>


Don't need to explicitly here. The consequent fall-through to 
'./Customize ...' gives the adjusted 'machine.h'; cf/re not running as set*id. 
(Or you can just modify machine.h directly after the main ./Configure ).


> >>> 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ?
> >>
> >> Some of the things it does requires root, even when run as a
> >> non-privileged user.
> >>
> >
> >
> > Eeek. I'll keep it non-setuid, tyvm.
>
> LOL.  Your distro...
>


Indeed, 'LOL' while recommending folks install as set*id; even moreso as it's 
not really needed. (Lsof 'needed' [even though it didn't really] set*id even 
while containing (thus-)rootable exploits). General default re set*id should 
be no unless strong (which includes/implies known, understood) reason to 
enable. Why do you need/want set*id ?



rgds,
akhiezer



>-- Bruce
> -- 
>


--
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-13 Thread Ken Moffat
On Sun, Jan 12, 2014 at 09:02:47PM -0600, Bruce Dubbs wrote:
> akhiezer wrote:
> >> Date: Sun, 12 Jan 2014 17:05:27 -0600
> >> From: Bruce Dubbs 
> >> To: BLFS Development List 
> >> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: 
> >> lsof_4.87
> >>

> >> Some of the things it does requires root, even when run as a
> >> non-privileged user.
> >>
> >
> >
> > Eeek. I'll keep it non-setuid, tyvm.
> 
> LOL.  Your distro...
> 
>-- Bruce

 Does it work when installed suid (on x86_64) ?  I used to build it,
but stopped doing that several years ago.  Partly, the weird
packaging, and test failures, if I recall correctly, caused me to
discount it.  But I also think that on the rare occasions I tried to
use it (mostly development-kernel problems, probably also when I've
had problems in the nfs area) it was less than useful.  That was
with it installed non-suid.

ĸen
-- 
das eine Mal als Tragödie, dieses Mal als Farce
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-13 Thread Armin K.
On 01/13/2014 06:39 PM, Bruce Dubbs wrote:
> Ken Moffat wrote:
>> On Sun, Jan 12, 2014 at 09:02:47PM -0600, Bruce Dubbs wrote:
>>> akhiezer wrote:
>>>>> Date: Sun, 12 Jan 2014 17:05:27 -0600
>>>>> From: Bruce Dubbs 
>>>>> To: BLFS Development List 
>>>>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: 
>>>>> lsof_4.87
>>>>>
>>
>>>>> Some of the things it does requires root, even when run as a
>>>>> non-privileged user.
>>>>>
>>>>
>>>>
>>>> Eeek. I'll keep it non-setuid, tyvm.
>>>
>>> LOL.  Your distro...
>>>
>>> -- Bruce
>>
>>   Does it work when installed suid (on x86_64) ?  I used to build it,
>> but stopped doing that several years ago.  Partly, the weird
>> packaging, and test failures, if I recall correctly, caused me to
>> discount it.  But I also think that on the rare occasions I tried to
>> use it (mostly development-kernel problems, probably also when I've
>> had problems in the nfs area) it was less than useful.  That was
>> with it installed non-suid.
> 
> lsof needs to read:
> 
> crw-r- 1 root kmem 1,  2 Jul 26 19:14 /dev/kmem
> 
> That's at least one reason for the suid bit.
> 
>-- Bruce
> 
> 
> 

Since you decided to put it in /sbin which isn't and shouldn't be in
normal user path, it should be only run as root because of that.

On the other hand, I can perfectly run it as normal user. It might just
print a warning though, it isn't anything critical if it can't open
/dev/kmem. That shouldn't be something user should be able to read anyways.

-- 
Note: My last name is not Krejzi.
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-13 Thread Bruce Dubbs
Ken Moffat wrote:
> On Sun, Jan 12, 2014 at 09:02:47PM -0600, Bruce Dubbs wrote:
>> akhiezer wrote:
>>>> Date: Sun, 12 Jan 2014 17:05:27 -0600
>>>> From: Bruce Dubbs 
>>>> To: BLFS Development List 
>>>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: 
>>>> lsof_4.87
>>>>
>
>>>> Some of the things it does requires root, even when run as a
>>>> non-privileged user.
>>>>
>>>
>>>
>>> Eeek. I'll keep it non-setuid, tyvm.
>>
>> LOL.  Your distro...
>>
>> -- Bruce
>
>   Does it work when installed suid (on x86_64) ?  I used to build it,
> but stopped doing that several years ago.  Partly, the weird
> packaging, and test failures, if I recall correctly, caused me to
> discount it.  But I also think that on the rare occasions I tried to
> use it (mostly development-kernel problems, probably also when I've
> had problems in the nfs area) it was less than useful.  That was
> with it installed non-suid.

lsof needs to read:

crw-r- 1 root kmem 1,  2 Jul 26 19:14 /dev/kmem

That's at least one reason for the suid bit.

   -- Bruce



-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page


Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87

2014-01-13 Thread Ken Moffat
On Mon, Jan 13, 2014 at 06:45:43PM +0100, Armin K. wrote:
> On 01/13/2014 06:39 PM, Bruce Dubbs wrote:
> > Ken Moffat wrote:
> >>
> >>   Does it work when installed suid (on x86_64) ?  I used to build it,
> >> but stopped doing that several years ago.  Partly, the weird
> >> packaging, and test failures, if I recall correctly, caused me to
> >> discount it.  But I also think that on the rare occasions I tried to
> >> use it (mostly development-kernel problems, probably also when I've
> >> had problems in the nfs area) it was less than useful.  That was
> >> with it installed non-suid.
> > 
> > lsof needs to read:
> > 
> > crw-r- 1 root kmem 1,  2 Jul 26 19:14 /dev/kmem
> > 
> > That's at least one reason for the suid bit.
> > 
> >-- Bruce
> > 
> > 
> > 
> 
> Since you decided to put it in /sbin which isn't and shouldn't be in
> normal user path, it should be only run as root because of that.
> 
> On the other hand, I can perfectly run it as normal user. It might just
> print a warning though, it isn't anything critical if it can't open
> /dev/kmem. That shouldn't be something user should be able to read anyways.
> 

 I don't even have /dev/kmem, I regard it as a potential
vulnerability.  See e.g. http://lwn.net/Articles/147901/ - in
particular, see Nix's comment from April 2010 near the bottom.

So in my .config:
# CONFIG_DEVKMEM is not set

ĸen
-- 
das eine Mal als Tragödie, dieses Mal als Farce
-- 
http://linuxfromscratch.org/mailman/listinfo/blfs-dev
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page