Output of ifconfig using sys-apps/net-tools-1.60-r13: Warning: cannot open /proc/net/dev (No such file or directory). Limited output. ppp0 Link encap:Point-to-Point Protocol inet addr:79.239.196.28 P-t-P:217.0.118.216 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 Output of ifconfig using sys-apps/net-tools-1.60_p20071202044231-r1 Warning: cannot open /proc/net/dev (No such file or directory). Limited output. But then no limited output appears.
Additional Info / grsec.log: Sep 22 09:30:48 machine [376143.132563] grsec: denied resource overstep by requesting 4096 for RLIMIT_CORE against limit 0 for /sbin/ifconfig[ifconfig:23336] uid/euid:105/105 gid/egid:105/105, parent /bin/bash[sh:23335] uid/euid:105/105 gid/egid:105/105 Sep 22 09:35:48 machine [376443.152742] grsec: signal 11 sent to /sbin/ifconfig[ifconfig:23420] uid/euid:105/105 gid/egid:105/105, parent /bin/bash[sh:23419] uid/euid:105/105 gid/egid:105/105
Ah, I think you're supposed to run it as the system administrator. Check if your halo makes it go away. You might also try loosening the restrictions to the procfs in your next kernel.
As I told you on IRC. This is the way ifconfig has always behaved. The limited output is ifconfig telling you that it can't display everything cuz you are not root and don't have permissions to read /proc/net/dev as a normal user. Example: strace -eopen ifconfig vs sudo strace -eopen ifconfig This bug also fails to identify any actual breakage so sorry but we need to close this as INVALID.
(In reply to comment #3) > As I told you on IRC. This is the way ifconfig has always behaved. false, ifconfig behaved earlier: Warning: cannot open /proc/net/dev (No such file or directory). Limited output. lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 the new version only displays: Warning: cannot open /proc/net/dev (No such file or directory). Limited output. > The limited output is ifconfig telling you that it can't display everything cuz > you are not root and don't have permissions to read /proc/net/dev as a normal > user. This is correct, the warning says limited output, but it really does not make sense to supress the limited ouput, too. This would be security by obscurity, since IP, Mask, Flags, MTU... is viewable to everyone so there is really no reason to supress the limited output, too. > This bug also fails to identify any actual breakage so sorry but we need to > close this as INVALID. In my opinion, this bug breaks ddclient, since ifconfig does not display the limited output. It gives no output at all.
There another issue with it. If executed with param (interface name) it's segfault! powerman@home ~ $ ifconfig Warning: cannot open /proc/net/dev (Permission denied). Limited output. powerman@home ~ $ ifconfig eth0 Warning: cannot open /proc/net/dev (Permission denied). Limited output. Segmentation fault Here is log records: 2008-10-01_18:58:13.11036 kern.info: ifconfig[3479]: segfault at 00000008 eip 4a6ec3d0 esp 58517734 error 4 2008-10-01_18:58:13.11037 kern.alert: grsec: signal 11 sent to /sbin/ifconfig[ifconfig:3479] uid/euid:1000/1000 gid/egid:100/100, parent /bin/bash[bash:1948] uid/euid:1000/1000 gid/egid:100/100 I think if core tool like ifconfig segfault this way, it's a critical bug which should be fixed asap (probably by hardmasking this version of net-tools).
Created attachment 198867 [details, diff] Fix segfault in ifconfig Patch to fix the segfault described by Alex in Comment 5. Not that it addresses the bug overall but every little helps, right?
the segfault was reported upstream (Debian bug 222209) and fixed on 2 Oct 2008 the original reported issue is due to a rewrite of if_readlist() on 28 Jun 2003 where any failure in one of the if_readxxx func was passed back up rather than requiring that all funcs fail should be fixed with 1.60_p20090728014017
