普通用户无法读取/proc/net/dev
我很确定我在这里遗漏了一些东西,但我不确定到底是什么:
这是 root 可以看到的内容:
root@opteron16:/# ls -l | grep proc
dr-xr-xr-x 290 root root 0 2012-01-14 02:03 proc
root@opteron16:/# ls -l proc | grep net
lrwxrwxrwx 1 root root 8 2012-01-21 03:29 net -> self/net
root@opteron16:/# ls -l proc/net/ | grep dev
-r--r--r-- 1 root root 0 2012-01-14 02:05 dev
这是 ganglia 用户:
root@opteron16:/# cat /etc/passwd | grep ganglia
ganglia:x:111:119:Ganglia Monitor:/var/lib/ganglia:/bin/false
当我尝试使用此用户访问 /proc/net/dev 时:
root@opteron16:/# su -s /bin/bash ganglia
ganglia@opteron16:/$ ls -l /proc | grep net
lrwxrwxrwx 1 root root 8 2012-01-21 19:49 net -> self/net
ganglia@opteron16:/$ ls -l /proc/net/
ls: reading directory /proc/net/: Invalid argument
total 0
ganglia@opteron16:/$ cat /proc/net/dev
cat: /proc/net/dev: No such file or directory
如果不觉得自己很愚蠢就太好了:)。
编辑
这是我注意到的事情,我以前从未见过这样的行为:
root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx 1 root root 64 2012-01-22 00:01 self -> 29095
root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx 1 root root 64 2012-01-22 00:01 self -> 29097
root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx 1 root root 64 2012-01-22 00:01 self -> 29099
I'm pretty sure that I'm missing something here, but I'm not sure exactly what:
This is what root can see:
root@opteron16:/# ls -l | grep proc
dr-xr-xr-x 290 root root 0 2012-01-14 02:03 proc
root@opteron16:/# ls -l proc | grep net
lrwxrwxrwx 1 root root 8 2012-01-21 03:29 net -> self/net
root@opteron16:/# ls -l proc/net/ | grep dev
-r--r--r-- 1 root root 0 2012-01-14 02:05 dev
This is the ganglia user:
root@opteron16:/# cat /etc/passwd | grep ganglia
ganglia:x:111:119:Ganglia Monitor:/var/lib/ganglia:/bin/false
When I try to access /proc/net/dev with this user:
root@opteron16:/# su -s /bin/bash ganglia
ganglia@opteron16:/$ ls -l /proc | grep net
lrwxrwxrwx 1 root root 8 2012-01-21 19:49 net -> self/net
ganglia@opteron16:/$ ls -l /proc/net/
ls: reading directory /proc/net/: Invalid argument
total 0
ganglia@opteron16:/$ cat /proc/net/dev
cat: /proc/net/dev: No such file or directory
Would be great to not feel this stupid : ).
Edit
This is something which I've noticed and I've never seen such a behaviour before:
root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx 1 root root 64 2012-01-22 00:01 self -> 29095
root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx 1 root root 64 2012-01-22 00:01 self -> 29097
root@opteron16:/proc# ls -l | grep "self -"
lrwxrwxrwx 1 root root 64 2012-01-22 00:01 self -> 29099
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
这很可能是由于您的内核是用 grsec 编译的。即
我已经在 ovh 托管的服务器上看到这种情况发生,因为这是他们为您安装的默认内核,以便通过他们的管理工具启用网络启动。
总而言之,你可以执行以下操作之一:
Most likely, this is due to your kernel that has been compiled with grsec. i.e.
I have seen this happen on servers hosted by ovh since this is the default kernel they install for you to enable netboot through their admin tools.
To summarize, you can do one of:
我无法在我的 ubuntu 上复制这个
也许你的系统有某种 chroot'd shell?
cat /proc/self/net/dev对您的“ganglia”用户有用吗?I can't replicate this on my ubuntu
Maybe your system has some kind of chroot'd shells?
Does
cat /proc/self/net/devwork for your "ganglia" user?