Results 1 to 13 of 13
  1. #1
    Join Date
    May 2005
    Location
    Bangalore
    Posts
    32

    can't able to view the processes owned by other user

    Hi,

    When I run the command ps -awux from a user's bash shell(not root), it's
    listing the processes under the particular user only. I am not able to view the processes owned by other users including root. I could see others processes as well in another server with the same OS. I noticed that this issue exists only in the servers which has 2.4.*-grsec. I could fix the issue by changing the value of a sysctl directive in FreeBSD. But the same problem still exists in RH. Can anyone tell me how can we fix it?

  2. #2
    Join Date
    May 2002
    Location
    Moscow
    Posts
    1,490
    this is not issue, this is just security settings which prefered by sysadmin. without his goodwill you can't do nothing.
    Rustelekom LLC Dedicated server since 2002, RIPE NCC member, LIR, AS51168

  3. #3
    Join Date
    May 2005
    Location
    Bangalore
    Posts
    32
    I am the sysadmin and I would like to know how to disable it. I tried, but could not do it.
    Akhthar Parvez K
    http://SysAdminGUIDE.COM
    System Management Tips

    -UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity - Dennie Richie

  4. #4
    Join Date
    May 2002
    Location
    Moscow
    Posts
    1,490
    which version of RH you use? In RH ES 3.0 for example and if you not use any security patch like grsec this is not possible by default. May be you use RH 4.0 ? If i correct it is by default use SELinux and this may be a direction.
    Rustelekom LLC Dedicated server since 2002, RIPE NCC member, LIR, AS51168

  5. #5
    Join Date
    May 2005
    Location
    Bangalore
    Posts
    32
    The same issue exists in some of the servers regardless of RH version. The servers with OS such as Red Hat Linux release 9, CentOS 3.5 etc. Can anyone tell me how can we fix this issue.
    Akhthar Parvez K
    http://SysAdminGUIDE.COM
    System Management Tips

    -UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity - Dennie Richie

  6. #6
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    Then you're using grsec on all of your servers. If you're the "sysadmin" and didn't know that, shame on you. Login as root and you'll be able to see all processes

    By default, ps aux shows all processes to all users. If you can't, then the only realistic explaination is that you're using grsec, which modifies how the system handles things. Might take a look @ the grsec homepage for how to disable this (www.grsecurity.org)
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  7. #7
    Join Date
    May 2005
    Location
    Bangalore
    Posts
    32
    Hi linux-tech,

    I respect your words. I know that grsec caused this. But the problem is, this issue does not exist in all grsec servers. I know that I can view all processes if I login as root. But here I am configuring nagios to check services such as cron for which it needs to view other users processes also since it's running under the user nagios.

    It seems that one of the following caused the issue.

    CONFIG_GRKERNSEC_PROC=y
    CONFIG_GRKERNSEC_PROC_USER=y
    CONFIG_GRKERNSEC_PROC_ADD=y

    Is there any way to change the value without recompiling kernel(by changing the value of any sysctl directive)
    Akhthar Parvez K
    http://SysAdminGUIDE.COM
    System Management Tips

    -UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity - Dennie Richie

  8. #8
    Join Date
    Dec 2002
    Location
    Egypt
    Posts
    151
    You need to recompile your kernel again to get this works with nagios.
    knowledge is Power , Spread it.
    www.e-tutankhamun.com
    [email protected]
    AIM:AhmedFouad0 , yahooID:xor2004

  9. #9
    Join Date
    May 2005
    Location
    Bangalore
    Posts
    32
    I was going to recompile it. But wanted to know if I can avoid it since this issue exists in more than 15 servers.
    Akhthar Parvez K
    http://SysAdminGUIDE.COM
    System Management Tips

    -UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity - Dennie Richie

  10. #10
    Join Date
    May 2002
    Location
    Moscow
    Posts
    1,490
    if i correct remember, you can't change this settings without recompiling kernel. grsec has a some util (gradm may be? ) but it's not allow do this.
    but, may be you may set by gradm special rules for nagios user. i think this is possible, but i also must say that this will take more time and more works, because you will need learn grsec on your system and also correct then generated rules by hands.
    Rustelekom LLC Dedicated server since 2002, RIPE NCC member, LIR, AS51168

  11. #11
    Join Date
    Jan 2005
    Location
    Chicago
    Posts
    226
    Rah Rah linux.

    In FreeBSD you can enable and disable users seeing processes not owned by them by changing this value with sysctl

    kern.ps_showallprocs=0

    0 = you cannot see other stuff
    1 = you can.

    no recompile needed. No reboot. You can force this setting at boot time by adding that line to your /etc/sysctl.conf

    simple is better.
    Ken

    CROWHOST hosting+colocation services | 877-CROWHOST | support at crowhost.com
    Independent remote-hands serving all Chicago data centers

  12. #12
    Join Date
    Jul 2005
    Posts
    56
    CROWHOST, I believe that is for 4.x, on 5.x it is security.bsd.see_other_uids

  13. #13
    Join Date
    May 2005
    Location
    Bangalore
    Posts
    32
    Hi CROWHOST,

    You are right. I had the same issue in FreeBSD and was able fix it without recompiling the kernel(I had mentioned in my first post). But was searching to find any fix for the same issue in RedHat Linux. I will recompile the kernel to fix this issue.

    Thanks to all who have given their suggessions..
    Akhthar Parvez K
    http://SysAdminGUIDE.COM
    System Management Tips

    -UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity - Dennie Richie

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •