Re: No entries in /proc :: feature or problem ??
On Fri, Nov 22, 2002 at 01:02:56AM -0500, Dhee Reddy wrote: Hello all. Just tried to look up some info and saw that the /proc filesystem doesn't contain any files. Shouldn't they contain entries correcponding to all the processes ? The procfs filesystem is not mounted by default on 5.0 (see the release notes). Kris msg47170/pgp0.pgp Description: PGP signature
Re: No entries in /proc :: feature or problem ??
On 22 Nov 2002, Dhee Reddy wrote: Just tried to look up some info and saw that the /proc filesystem doesn't contain any files. Shouldn't they contain entries correcponding to all the processes ? truely -- dhee In fresh 5.0 installs, procfs is not enabled by default. Right now there appear to be two tools in the system that pay a price for this: (1) procfs -e relies on grubbing through /proc/pid/mem to find environmental variables -- everything else, it can get through sysctl(). (2) truss currently relies on procfs, albeit not working very well. There were a set of patches floating around to make truss use ptrace(), which is the direction we probably do want to take this. If someone could finish up that work, it would be great. The reasons to deprecate procfs are many-fold -- not least that there are existing interfaces in the kernel that provide most or all of its features at a substantially lower risk. You just have to see the kernel-related security advisories for FreeBSD, Linux, Solaris, etc, over the last five years to understand why we want to turn it off if we can. :-) There has also been a concerted effort to move userland system monitoring tools away from using /dev/kvm (direct kernel memory access) and towards using the sysctl() MIB interface, reducing the level of privilege required to run the monitoring tools. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects [EMAIL PROTECTED] Network Associates Laboratories To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: No entries in /proc :: feature or problem ??
Dhee Reddy [EMAIL PROTECTED] writes: Hello all. Just tried to look up some info and saw that the /proc filesystem doesn't contain any files. Shouldn't they contain entries correcponding to all the processes ? truely This question was just asked a few days ago (yesterday?). By default, /proc is no longer mounted. To reenable it (not recommended for production systems because of procfs' poor security record) add the following line to fstab: proc/proc procfs rw 0 0 and run: mount /proc Best regards, Mike Barcroft To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: No entries in /proc :: feature or problem ??
On Fri, 22 Nov 2002, Mike Barcroft wrote: Dhee Reddy [EMAIL PROTECTED] writes: Hello all. Just tried to look up some info and saw that the /proc filesystem doesn't contain any files. Shouldn't they contain entries correcponding to all the processes ? truely This question was just asked a few days ago (yesterday?). By default, /proc is no longer mounted. To reenable it (not recommended for production systems because of procfs' poor security record) add the following line to fstab: proc /proc procfs rw 0 0 This sounds like this will be a common 5.0 FAQ. We should probably put it on the web page somewhere, with some useful discussion of the benefits and risks. It's not clear to me why the open office build is looking for procfs -- probably so that it can get to /proc/pid/cmdline, which is a bogusism if ever I saw one. I talked with Martin Blapp at one point about how to adapt the Open Office build to DTRT -- it really shouldn't be hard to teach it to use argv, one way or the other, especially given that Solaris (on which Star Office runs quite nicely) doesn't support cmdline. :-) Robert N M Watson FreeBSD Core Team, TrustedBSD Projects [EMAIL PROTECTED] Network Associates Laboratories To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: No entries in /proc :: feature or problem ??
Thus spake Robert Watson [EMAIL PROTECTED]: The reasons to deprecate procfs are many-fold -- not least that there are existing interfaces in the kernel that provide most or all of its features at a substantially lower risk. You just have to see the kernel-related security advisories for FreeBSD, Linux, Solaris, etc, over the last five years to understand why we want to turn it off if we can. :-) There has also been a concerted effort to move userland system monitoring tools away from using /dev/kvm (direct kernel memory access) and towards using the sysctl() MIB interface, reducing the level of privilege required to run the monitoring tools. By the way, what do you think is the most reasonable way to implement things like /proc/$pid/map without procfs? I don't want to use procfs if I can avoid it, but on the other hand I like some of its debugging features. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: No entries in /proc :: feature or problem ??
Robert Watson wrote: (2) truss currently relies on procfs, albeit not working very well. There were a set of patches floating around to make truss use ptrace(), which is the direction we probably do want to take this. If someone could finish up that work, it would be great. The reasons to deprecate procfs are many-fold -- not least that there are existing interfaces in the kernel that provide most or all of its features at a substantially lower risk. You just have to see the kernel-related security advisories for FreeBSD, Linux, Solaris, etc, over the last five years to understand why we want to turn it off if we can. :-) It would be nice if a condition of turning it off were a working truss. A priori. -- Terry To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
No entries in /proc :: feature or problem ??
Hello all. Just tried to look up some info and saw that the /proc filesystem doesn't contain any files. Shouldn't they contain entries correcponding to all the processes ? truely -- dhee To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message