Summary: | sys-process/procps: vmstat test fails with hardened/grsec & FEATURES="userpriv" | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Roman Žilka <roman.zilka> |
Component: | [OLD] Core system | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | CONFIRMED --- | ||
Severity: | minor | CC: | hardened |
Priority: | Normal | Keywords: | TESTFAILURE |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.com/procps-ng/procps/issues/3 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Roman Žilka
2013-03-12 10:09:02 UTC
In case you want more evidence: # grep ^spawn sys-process/procps-3.3.6/work/procps-ng-3.3.6/testsuite/vmstat.log spawn /boot/tmp/portage/sys-process/procps-3.3.6/work/procps-ng-3.3.6/vmstat spawn /boot/tmp/portage/sys-process/procps-3.3.6/work/procps-ng-3.3.6/vmstat -a spawn /boot/tmp/portage/sys-process/procps-3.3.6/work/procps-ng-3.3.6/vmstat -f spawn /boot/tmp/portage/sys-process/procps-3.3.6/work/procps-ng-3.3.6/vmstat -m spawn /boot/tmp/portage/sys-process/procps-3.3.6/work/procps-ng-3.3.6/vmstat -d spawn /boot/tmp/portage/sys-process/procps-3.3.6/work/procps-ng-3.3.6/vmstat -p sda1 But as a non-root: $ for i in '' '-a' '-f' '-m' '-d' '-p sda1'; do echo -e '\n==============' vmstat $i; strace -e open,access vmstat $i; done ============== vmstat access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libprocps.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/sys/devices/system/cpu/online", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib64/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3 open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3 open("/usr/share/locale/en_GB.UTF-8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_GB.utf8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_GB/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.UTF-8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.utf8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- r b swpd free buff cache si so bi bo in cs us sy id wa open("/proc/meminfo", O_RDONLY) = 3 open("/proc/stat", O_RDONLY) = 4 open("/proc/vmstat", O_RDONLY) = -1 EACCES (Permission denied) Error: /proc must be mounted To mount /proc at boot you need an /etc/fstab line like: proc /proc proc defaults In the meantime, run "mount proc /proc -t proc" +++ exited with 102 +++ ============== vmstat -a access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libprocps.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/sys/devices/system/cpu/online", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib64/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3 open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3 open("/usr/share/locale/en_GB.UTF-8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_GB.utf8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_GB/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.UTF-8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.utf8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- r b swpd free inact active si so bi bo in cs us sy id wa open("/proc/meminfo", O_RDONLY) = 3 open("/proc/stat", O_RDONLY) = 4 open("/proc/vmstat", O_RDONLY) = -1 EACCES (Permission denied) Error: /proc must be mounted To mount /proc at boot you need an /etc/fstab line like: proc /proc proc defaults In the meantime, run "mount proc /proc -t proc" +++ exited with 102 +++ ============== vmstat -f access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libprocps.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/sys/devices/system/cpu/online", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib64/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3 open("/proc/stat", O_RDONLY) = 3 open("/proc/vmstat", O_RDONLY) = -1 EACCES (Permission denied) Error: /proc must be mounted To mount /proc at boot you need an /etc/fstab line like: proc /proc proc defaults In the meantime, run "mount proc /proc -t proc" +++ exited with 102 +++ ============== vmstat -m access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libprocps.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/sys/devices/system/cpu/online", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib64/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3 open("/proc/slabinfo", O_RDONLY) = -1 EACCES (Permission denied) open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3 open("/usr/share/locale/en_GB.UTF-8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_GB.utf8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_GB/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.UTF-8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en.utf8/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/LC_MESSAGES/procps-ng.mo", O_RDONLY) = -1 ENOENT (No such file or directory) vmstat: your kernel does not support slabinfo or your permissions are insufficient +++ exited with 0 +++ ============== vmstat -d access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libprocps.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/sys/devices/system/cpu/online", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib64/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3 open("/proc/diskstats", O_RDONLY) = 3 open("/proc/diskstats", O_RDONLY) = 3 access("/sys/block/sda", F_OK) = -1 EACCES (Permission denied) --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0xfffffffffffffff0} --- +++ killed by SIGSEGV +++ Segmentation fault ============== vmstat -p sda1 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libprocps.so.1", O_RDONLY|O_CLOEXEC) = 3 open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 open("/sys/devices/system/cpu/online", O_RDONLY|O_CLOEXEC) = 3 open("/usr/lib64/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3 open("/proc/diskstats", O_RDONLY) = 3 open("/proc/diskstats", O_RDONLY) = 3 access("/sys/block/sda", F_OK) = -1 EACCES (Permission denied) --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0xfffffffffffffff0} --- +++ killed by SIGSEGV +++ Segmentation fault This looks like a duplicate of bug 404389, can you check? Bug 404398 is about /proc/something missing, because a kernel option is missing because of ( grsec || CONFIG_EXPERT ). In this case the /proc/something is there, but is restricted to root because of grsec. Two typos in two words: bug 404389 was what I meant, of course. sent upstream |