Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
On 12.1.2014 21:12, BLFS Trac wrote: > #4556: Add package: lsof_4.87 > +--- > Reporter: fo | Owner: fo > Type: task| Status: assigned > Priority: normal | Milestone: current > Component: BOOK| Version: SVN > Severity: normal | Resolution: > Keywords: | > +--- > > Comment (by bdubbs@…): > > This one is a little unusual: > > {{{ > tar -xf lsof_4.87.tar.bz2 > cd lsof_4.87 > tar -xf lsof_4.87_src > cd lsof_4.87_src > yes n |./Configure linux > make CFGL="-L./lib -ltirpc" > > pushd tests > make > popd > }}} > > The install is manual. I recommend something like: > > {{{ > groupadd -g 63 lsof > install -4750 -o root -g lsof lsof /lib > install lsof.8 /usr/share/man/man.8 > }}} > Why do you install in /lib and why do you need a seperate group? I installed it in /usr/bin and haven't added any group, nor has any other linux distribution I looked for the instructions for it. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
Armin K. wrote: > On 12.1.2014 21:12, BLFS Trac wrote: >> #4556: Add package: lsof_4.87 >>The install is manual. I recommend something like: >> >>{{{ >>groupadd -g 63 lsof >>install -4750 -o root -g lsof lsof /lib >>install lsof.8 /usr/share/man/man.8 >>}}} >> > > Why do you install in /lib and why do you need a seperate group? I > installed it in /usr/bin and haven't added any group, nor has any other > linux distribution I looked for the instructions for it. Well, /lib was obviously wrong. I was thinking /sbin. In any case, I think it might be useful in a situation where /usr is not available. It's probably not critical though. It was just a suggestion. The separate group may be overkill. I'm OK without it. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
Em 12-01-2014 18:06, Bruce Dubbs escreveu: > Armin K. wrote: >> On 12.1.2014 21:12, BLFS Trac wrote: >>> #4556: Add package: lsof_4.87 > >>>The install is manual. I recommend something like: >>> >>>{{{ >>>groupadd -g 63 lsof >>>install -4750 -o root -g lsof lsof /lib >>>install lsof.8 /usr/share/man/man.8 >>>}}} >>> >> >> Why do you install in /lib and why do you need a seperate group? I >> installed it in /usr/bin and haven't added any group, nor has any other >> linux distribution I looked for the instructions for it. > > Well, /lib was obviously wrong. I was thinking /sbin. In any case, I > think it might be useful in a situation where /usr is not available. > It's probably not critical though. It was just a suggestion. > > The separate group may be overkill. I'm OK without it. > >-- Bruce Bruce, thank you very much for the instructions, Armin, thank you very much for the corrections. I will try to build it tomorrow. Can any of you imagine a situation where the system is running, but a problem occurred and to debug lsof would help? This would make it useful in /lib. -- []s, Fernando -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
Em 12-01-2014 19:19, Fernando de Oliveira escreveu: > Em 12-01-2014 18:06, Bruce Dubbs escreveu: >> Armin K. wrote: >>> On 12.1.2014 21:12, BLFS Trac wrote: #4556: Add package: lsof_4.87 >> The install is manual. I recommend something like: {{{ groupadd -g 63 lsof install -4750 -o root -g lsof lsof /lib install lsof.8 /usr/share/man/man.8 }}} >>> >>> Why do you install in /lib and why do you need a seperate group? I >>> installed it in /usr/bin and haven't added any group, nor has any other >>> linux distribution I looked for the instructions for it. >> >> Well, /lib was obviously wrong. I was thinking /sbin. In any case, I >> think it might be useful in a situation where /usr is not available. >> It's probably not critical though. It was just a suggestion. >> >> The separate group may be overkill. I'm OK without it. >> >>-- Bruce > > > Bruce, thank you very much for the instructions, Armin, thank you very > much for the corrections. > > I will try to build it tomorrow. > > Can any of you imagine a situation where the system is running, but a > problem occurred and to debug lsof would help? This would make it useful > in /lib. > > Just found another thread, duplicated (lfs and blfs support), about this package, where Armin and William Harrington help JouVash: http://www.mailinglistarchive.com/html/blfs-supp...@linuxfromscratch.org/2013-04/msg00088.html http://www.mailinglistarchive.com/html/lfs-supp...@linuxfromscratch.org/2013-04/msg00147.html -- []s, Fernando -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
> Date: Sun, 12 Jan 2014 21:20:36 +0100 > From: "Armin K." > To: BLFS Development List > Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87 > > On 12.1.2014 21:12, BLFS Trac wrote: > > #4556: Add package: lsof_4.87 > > +--- > > Reporter: fo | Owner: fo > > Type: task| Status: assigned > > Priority: normal | Milestone: current > > Component: BOOK| Version: SVN > > Severity: normal | Resolution: > > Keywords: | > > +--- > > > > Comment (by bdubbs@???): > > > > This one is a little unusual: > > > > {{{ > > tar -xf lsof_4.87.tar.bz2 > > cd lsof_4.87 > > tar -xf lsof_4.87_src > > cd lsof_4.87_src > > yes n |./Configure linux 'echo n' ? > > make CFGL="-L./lib -ltirpc" > > > > pushd tests > > make > > popd > > }}} > > > > The install is manual. I recommend something like: > > > > {{{ > > groupadd -g 63 lsof > > install -4750 -o root -g lsof lsof /lib 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ? rgds, akh > > install lsof.8 /usr/share/man/man.8 > > }}} > > > > Why do you install in /lib and why do you need a seperate group? I > installed it in /usr/bin and haven't added any group, nor has any other > linux distribution I looked for the instructions for it. > -- > -- -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
akhiezer wrote: >> Date: Sun, 12 Jan 2014 21:20:36 +0100 >> From: "Armin K." >> To: BLFS Development List >> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87 >> >> On 12.1.2014 21:12, BLFS Trac wrote: >>> #4556: Add package: lsof_4.87 >>> +--- >>>Reporter: fo | Owner: fo >>>Type: task| Status: assigned >>>Priority: normal | Milestone: current >>> Component: BOOK| Version: SVN >>>Severity: normal | Resolution: >>>Keywords: | >>> +--- >>> >>> Comment (by bdubbs@???): >>> >>>This one is a little unusual: >>> >>>{{{ >>>tar -xf lsof_4.87.tar.bz2 >>>cd lsof_4.87 >>>tar -xf lsof_4.87_src >>>cd lsof_4.87_src >>>yes n |./Configure linux > > > 'echo n' ? No, it asks two questions. >>>make CFGL="-L./lib -ltirpc" >>> >>>pushd tests >>>make >>>popd >>>}}} >>> >>>The install is manual. I recommend something like: >>> >>>{{{ >>>groupadd -g 63 lsof >>>install -4750 -o root -g lsof lsof /lib > > > 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ? Some of the things it does requires root, even when run as a non-privileged user. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
> Date: Sun, 12 Jan 2014 17:05:27 -0600 > From: Bruce Dubbs > To: BLFS Development List > Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87 > > akhiezer wrote: > >> Date: Sun, 12 Jan 2014 21:20:36 +0100 > >> From: "Armin K." > >> To: BLFS Development List > >> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: > >> lsof_4.87 > >> > >> On 12.1.2014 21:12, BLFS Trac wrote: > >>> #4556: Add package: lsof_4.87 > >>> +--- > >>>Reporter: fo | Owner: fo > >>>Type: task| Status: assigned > >>>Priority: normal | Milestone: current > >>> Component: BOOK| Version: SVN > >>>Severity: normal | Resolution: > >>>Keywords: | > >>> +--- > >>> > >>> Comment (by bdubbs@???): > >>> > >>>This one is a little unusual: > >>> > >>>{{{ > >>>tar -xf lsof_4.87.tar.bz2 > >>>cd lsof_4.87 > >>>tar -xf lsof_4.87_src > >>>cd lsof_4.87_src > >>>yes n |./Configure linux > > > > > > 'echo n' ? > > No, it asks two questions. > Yes, and? So the first question gets 'n' and the second question gets default and you get the inventory part done. > > >>>make CFGL="-L./lib -ltirpc" > >>> > >>>pushd tests > >>>make > >>>popd > >>>}}} > >>> > >>>The install is manual. I recommend something like: > >>> > >>>{{{ > >>>groupadd -g 63 lsof > >>>install -4750 -o root -g lsof lsof /lib > > > > > > 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ? > > Some of the things it does requires root, even when run as a > non-privileged user. > Eeek. I'll keep it non-setuid, tyvm. akh >-- Bruce > > -- > -- -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
akhiezer wrote: >> Date: Sun, 12 Jan 2014 17:05:27 -0600 >> From: Bruce Dubbs >> To: BLFS Development List >> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87 >> >> akhiezer wrote: >>>> Date: Sun, 12 Jan 2014 21:20:36 +0100 >>>> From: "Armin K." >>>> To: BLFS Development List >>>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: >>>> lsof_4.87 >>>> >>>> On 12.1.2014 21:12, BLFS Trac wrote: >>>>> #4556: Add package: lsof_4.87 >>>>> +--- >>>>> Reporter: fo | Owner: fo >>>>> Type: task| Status: assigned >>>>> Priority: normal | Milestone: current >>>>> Component: BOOK| Version: SVN >>>>> Severity: normal | Resolution: >>>>> Keywords: | >>>>> +--- >>>>> >>>>> Comment (by bdubbs@???): >>>>> >>>>> This one is a little unusual: >>>>> >>>>> {{{ >>>>> tar -xf lsof_4.87.tar.bz2 >>>>> cd lsof_4.87 >>>>> tar -xf lsof_4.87_src >>>>> cd lsof_4.87_src >>>>> yes n |./Configure linux >>> >>> >>> 'echo n' ? >> >> No, it asks two questions. > > Yes, and? So the first question gets 'n' and the second question gets default > and you get the inventory part done. How do you get he CR for the 2nd question into a script? >>> 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ? >> >> Some of the things it does requires root, even when run as a >> non-privileged user. >> > > > Eeek. I'll keep it non-setuid, tyvm. LOL. Your distro... -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
> From blfs-dev-boun...@linuxfromscratch.org Mon Jan 13 02:55:59 2014 > Date: Sun, 12 Jan 2014 21:02:47 -0600 > From: Bruce Dubbs > To: BLFS Development List > Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87 > . . > >>>>> yes n |./Configure linux > >>> > >>> > >>> 'echo n' ? > >> > >> No, it asks two questions. > > > > Yes, and? So the first question gets 'n' and the second question gets > > default > > and you get the inventory part done. s/done/not done (in each case)/ > > How do you get he CR for the 2nd question into a script? > Don't need to explicitly here. The consequent fall-through to './Customize ...' gives the adjusted 'machine.h'; cf/re not running as set*id. (Or you can just modify machine.h directly after the main ./Configure ). > >>> 0755 root root /usr/bin/lsof , (ie not suid) & no addl gp ? > >> > >> Some of the things it does requires root, even when run as a > >> non-privileged user. > >> > > > > > > Eeek. I'll keep it non-setuid, tyvm. > > LOL. Your distro... > Indeed, 'LOL' while recommending folks install as set*id; even moreso as it's not really needed. (Lsof 'needed' [even though it didn't really] set*id even while containing (thus-)rootable exploits). General default re set*id should be no unless strong (which includes/implies known, understood) reason to enable. Why do you need/want set*id ? rgds, akhiezer >-- Bruce > -- > -- -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
On Sun, Jan 12, 2014 at 09:02:47PM -0600, Bruce Dubbs wrote: > akhiezer wrote: > >> Date: Sun, 12 Jan 2014 17:05:27 -0600 > >> From: Bruce Dubbs > >> To: BLFS Development List > >> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: > >> lsof_4.87 > >> > >> Some of the things it does requires root, even when run as a > >> non-privileged user. > >> > > > > > > Eeek. I'll keep it non-setuid, tyvm. > > LOL. Your distro... > >-- Bruce Does it work when installed suid (on x86_64) ? I used to build it, but stopped doing that several years ago. Partly, the weird packaging, and test failures, if I recall correctly, caused me to discount it. But I also think that on the rare occasions I tried to use it (mostly development-kernel problems, probably also when I've had problems in the nfs area) it was less than useful. That was with it installed non-suid. ĸen -- das eine Mal als Tragödie, dieses Mal als Farce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
On 01/13/2014 06:39 PM, Bruce Dubbs wrote: > Ken Moffat wrote: >> On Sun, Jan 12, 2014 at 09:02:47PM -0600, Bruce Dubbs wrote: >>> akhiezer wrote: >>>>> Date: Sun, 12 Jan 2014 17:05:27 -0600 >>>>> From: Bruce Dubbs >>>>> To: BLFS Development List >>>>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: >>>>> lsof_4.87 >>>>> >> >>>>> Some of the things it does requires root, even when run as a >>>>> non-privileged user. >>>>> >>>> >>>> >>>> Eeek. I'll keep it non-setuid, tyvm. >>> >>> LOL. Your distro... >>> >>> -- Bruce >> >> Does it work when installed suid (on x86_64) ? I used to build it, >> but stopped doing that several years ago. Partly, the weird >> packaging, and test failures, if I recall correctly, caused me to >> discount it. But I also think that on the rare occasions I tried to >> use it (mostly development-kernel problems, probably also when I've >> had problems in the nfs area) it was less than useful. That was >> with it installed non-suid. > > lsof needs to read: > > crw-r- 1 root kmem 1, 2 Jul 26 19:14 /dev/kmem > > That's at least one reason for the suid bit. > >-- Bruce > > > Since you decided to put it in /sbin which isn't and shouldn't be in normal user path, it should be only run as root because of that. On the other hand, I can perfectly run it as normal user. It might just print a warning though, it isn't anything critical if it can't open /dev/kmem. That shouldn't be something user should be able to read anyways. -- Note: My last name is not Krejzi. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
Ken Moffat wrote: > On Sun, Jan 12, 2014 at 09:02:47PM -0600, Bruce Dubbs wrote: >> akhiezer wrote: >>>> Date: Sun, 12 Jan 2014 17:05:27 -0600 >>>> From: Bruce Dubbs >>>> To: BLFS Development List >>>> Subject: Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: >>>> lsof_4.87 >>>> > >>>> Some of the things it does requires root, even when run as a >>>> non-privileged user. >>>> >>> >>> >>> Eeek. I'll keep it non-setuid, tyvm. >> >> LOL. Your distro... >> >> -- Bruce > > Does it work when installed suid (on x86_64) ? I used to build it, > but stopped doing that several years ago. Partly, the weird > packaging, and test failures, if I recall correctly, caused me to > discount it. But I also think that on the rare occasions I tried to > use it (mostly development-kernel problems, probably also when I've > had problems in the nfs area) it was less than useful. That was > with it installed non-suid. lsof needs to read: crw-r- 1 root kmem 1, 2 Jul 26 19:14 /dev/kmem That's at least one reason for the suid bit. -- Bruce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
Re: [blfs-dev] [blfs-book] [BLFS Trac] #4556: Add package: lsof_4.87
On Mon, Jan 13, 2014 at 06:45:43PM +0100, Armin K. wrote: > On 01/13/2014 06:39 PM, Bruce Dubbs wrote: > > Ken Moffat wrote: > >> > >> Does it work when installed suid (on x86_64) ? I used to build it, > >> but stopped doing that several years ago. Partly, the weird > >> packaging, and test failures, if I recall correctly, caused me to > >> discount it. But I also think that on the rare occasions I tried to > >> use it (mostly development-kernel problems, probably also when I've > >> had problems in the nfs area) it was less than useful. That was > >> with it installed non-suid. > > > > lsof needs to read: > > > > crw-r- 1 root kmem 1, 2 Jul 26 19:14 /dev/kmem > > > > That's at least one reason for the suid bit. > > > >-- Bruce > > > > > > > > Since you decided to put it in /sbin which isn't and shouldn't be in > normal user path, it should be only run as root because of that. > > On the other hand, I can perfectly run it as normal user. It might just > print a warning though, it isn't anything critical if it can't open > /dev/kmem. That shouldn't be something user should be able to read anyways. > I don't even have /dev/kmem, I regard it as a potential vulnerability. See e.g. http://lwn.net/Articles/147901/ - in particular, see Nix's comment from April 2010 near the bottom. So in my .config: # CONFIG_DEVKMEM is not set ĸen -- das eine Mal als Tragödie, dieses Mal als Farce -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page