|
|
|
|
|
|
| Author |
Message |
Julian Elischer
*nix forums Guru Wannabe
Joined: 20 Mar 2002
Posts: 279
|
 Posted: Fri May 03, 2002 5:59 am Post subject:
Re: deperlifying sockstat(1)
|
|
|
I have used it from time to time
with Netstat and fstat to try find which process had the suspect session..
On Fri, 3 May 2002, Bruce Evans wrote:
| Quote: | On Wed, 1 May 2002, Julian Elischer wrote:
On Thu, 2 May 2002, Poul-Henning Kamp wrote:
In message <xzp8z73pjh6.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav writes:
I'm working on a C version of sockstat(1), and to complete it I need
to do nasty stuff like using libkvm and defining _KERNEL before
including some headers (see fstat). I'm starting to think that it
would be easier to just make a kern.sockstat sysctl node, and make
sockstat(1) a #!/bin/sh wrapper around sysctl( . Ideas?
sysctl is way better than libkvm because it provides a chance
for presentation.
unless sockstat gets a -N -M capacity such as teh other similar programs..
Who uses this? No one complained when it was broken for vmstat -m.
Bruce
|
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
 |
Robert Watson
*nix forums Guru Wannabe
Joined: 22 Mar 2002
Posts: 218
|
| Posted: Fri May 03, 2002 2:43 am Post subject:
Re: deperlifying sockstat(1)
|
|
|
On Thu, 2 May 2002, Peter Wemm wrote:
| Quote: | unless sockstat gets a -N -M capacity such as teh other similar programs..
Who uses this? No one complained when it was broken for vmstat -m.
We do (at work). We also backed out the netstat breakage that Garrett
committed that broke that functionality too.
|
For at least some of the prior work in removing use of libkvm, that
removal has just been for default operation -- use sysctl if appropriate,
and use libkvm if specifically requested and privilege is available,
making it work on cores. That will probably be a good strategy as we move
forwards.
BTW, we've actually now expanded our contract with DES for PAM work to
include wandering through the remaining libkvm/setgid-kmem binaries to do
this cleanup work, and expose any remaining required data through sysctl,
so unless someone feels like duplicating the work, the task is probably
claimed. :-)
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org NAI Labs, Safeport Network Services
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Peter Wemm
*nix forums Guru Wannabe
Joined: 11 Apr 2002
Posts: 113
|
| Posted: Thu May 02, 2002 10:28 pm Post subject:
Re: deperlifying sockstat(1)
|
|
|
Bruce Evans wrote:
| Quote: | On Wed, 1 May 2002, Julian Elischer wrote:
On Thu, 2 May 2002, Poul-Henning Kamp wrote:
In message <xzp8z73pjh6.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav writes:
I'm working on a C version of sockstat(1), and to complete it I need
to do nasty stuff like using libkvm and defining _KERNEL before
including some headers (see fstat). I'm starting to think that it
would be easier to just make a kern.sockstat sysctl node, and make
sockstat(1) a #!/bin/sh wrapper around sysctl(. Ideas?
sysctl is way better than libkvm because it provides a chance
for presentation.
unless sockstat gets a -N -M capacity such as teh other similar programs..
Who uses this? No one complained when it was broken for vmstat -m.
|
We do (at work). We also backed out the netstat breakage that Garrett
committed that broke that functionality too.
Cheers,
-Peter
--
Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com
"All of this is for nothing if we don't go to the stars" - JMS/B5
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Bruce Evans
*nix forums Guru Wannabe
Joined: 22 Mar 2002
Posts: 190
|
| Posted: Thu May 02, 2002 5:45 pm Post subject:
Re: deperlifying sockstat(1)
|
|
|
On Wed, 1 May 2002, Julian Elischer wrote:
| Quote: | On Thu, 2 May 2002, Poul-Henning Kamp wrote:
In message <xzp8z73pjh6.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav writes:
I'm working on a C version of sockstat(1), and to complete it I need
to do nasty stuff like using libkvm and defining _KERNEL before
including some headers (see fstat). I'm starting to think that it
would be easier to just make a kern.sockstat sysctl node, and make
sockstat(1) a #!/bin/sh wrapper around sysctl(. Ideas?
sysctl is way better than libkvm because it provides a chance
for presentation.
unless sockstat gets a -N -M capacity such as teh other similar programs..
|
Who uses this? No one complained when it was broken for vmstat -m.
Bruce
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Julian Elischer
*nix forums Guru Wannabe
Joined: 20 Mar 2002
Posts: 279
|
| Posted: Thu May 02, 2002 5:15 am Post subject:
Re: deperlifying sockstat(1)
|
|
|
On Thu, 2 May 2002, Poul-Henning Kamp wrote:
| Quote: | In message <xzp8z73pjh6.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav writes:
I'm working on a C version of sockstat(1), and to complete it I need
to do nasty stuff like using libkvm and defining _KERNEL before
including some headers (see fstat). I'm starting to think that it
would be easier to just make a kern.sockstat sysctl node, and make
sockstat(1) a #!/bin/sh wrapper around sysctl(. Ideas?
sysctl is way better than libkvm because it provides a chance
for presentation.
|
unless sockstat gets a -N -M capacity such as teh other similar programs..
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Poul-Henning Kamp
*nix forums Guru
Joined: 21 Mar 2002
Posts: 436
|
| Posted: Thu May 02, 2002 3:22 am Post subject:
Re: deperlifying sockstat(1)
|
|
|
In message <Pine.BSF.4.21.0205012206440.75286-100000@InterJet.elischer.org>, Ju
lian Elischer writes:
| Quote: | In message <xzp8z73pjh6.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav writes:
I'm working on a C version of sockstat(1), and to complete it I need
to do nasty stuff like using libkvm and defining _KERNEL before
including some headers (see fstat). I'm starting to think that it
would be easier to just make a kern.sockstat sysctl node, and make
sockstat(1) a #!/bin/sh wrapper around sysctl(. Ideas?
sysctl is way better than libkvm because it provides a chance
for presentation.
unless sockstat gets a -N -M capacity such as teh other similar programs..
|
The ratio of -N -M use to normal use is so low that it is no
justification for creating a setuid program for the normal case.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Poul-Henning Kamp
*nix forums Guru
Joined: 21 Mar 2002
Posts: 436
|
| Posted: Thu May 02, 2002 3:02 am Post subject:
Re: deperlifying sockstat(1)
|
|
|
In message <xzp8z73pjh6.fsf@flood.ping.uio.no>, Dag-Erling Smorgrav writes:
| Quote: | I'm working on a C version of sockstat(1), and to complete it I need
to do nasty stuff like using libkvm and defining _KERNEL before
including some headers (see fstat). I'm starting to think that it
would be easier to just make a kern.sockstat sysctl node, and make
sockstat(1) a #!/bin/sh wrapper around sysctl(. Ideas?
|
sysctl is way better than libkvm because it provides a chance
for presentation.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Robert Watson
*nix forums Guru Wannabe
Joined: 22 Mar 2002
Posts: 218
|
| Posted: Thu May 02, 2002 2:22 am Post subject:
Re: deperlifying sockstat(1)
|
|
|
On Wed, 1 May 2002, Robert Watson wrote:
| Quote: | I'd love it if neither netstat nor sockstat required privilege to run,
and could extract it all from sysctl. If you do that, make sure you
call appropriate socket visibility hooks in the sysctl export so that it
DTRT for jail, MAC, etc. Eliminating setgid kmem even more will
continue to markedly improve the security of FreeBSD 5.0... I tweaked a
couple out, and Thomas Moestl did a large chunk of the remainder, but
there are still some that are left. In particular fixing systat would
be highly desirable, as it does a fair amount of I/O.
|
FWIW, reviewing the binaries on my system, systat is no longer setgid.
Thomas got it already.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org NAI Labs, Safeport Network Services
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Robert Watson
*nix forums Guru Wannabe
Joined: 22 Mar 2002
Posts: 218
|
| Posted: Thu May 02, 2002 2:18 am Post subject:
Re: deperlifying sockstat(1)
|
|
|
On 2 May 2002, Dag-Erling Smorgrav wrote:
| Quote: | I'm working on a C version of sockstat(1), and to complete it I need to
do nasty stuff like using libkvm and defining _KERNEL before including
some headers (see fstat). I'm starting to think that it would be easier
to just make a kern.sockstat sysctl node, and make sockstat(1) a
#!/bin/sh wrapper around sysctl(. Ideas?
|
I'd love it if neither netstat nor sockstat required privilege to run, and
could extract it all from sysctl. If you do that, make sure you call
appropriate socket visibility hooks in the sysctl export so that it DTRT
for jail, MAC, etc. Eliminating setgid kmem even more will continue to
markedly improve the security of FreeBSD 5.0... I tweaked a couple out,
and Thomas Moestl did a large chunk of the remainder, but there are still
some that are left. In particular fixing systat would be highly
desirable, as it does a fair amount of I/O.
BTW, your wrapper for the sysctl might have to be a C wrapper so it has
easier access to getpw*() and getgr*() in a NIS-happy way. My
recollection was that sockstat relied on the results of database lookups
to generate nicer output, and it would be a shame to lose that.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org NAI Labs, Safeport Network Services
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Dag-Erling Smorgrav
*nix forums Guru Wannabe
Joined: 23 Mar 2002
Posts: 110
|
| Posted: Wed May 01, 2002 9:17 pm Post subject:
Re: deperlifying sockstat(1)
|
|
|
Alfred Perlstein <bright@mu.org> writes:
| Quote: | What's wrong with extending the mess already in fstat or just
popen()'ing it like the current sockstat does?
|
C is not Perl.
DES
--
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Alfred Perlstein
*nix forums addict
Joined: 19 Mar 2002
Posts: 67
|
| Posted: Wed May 01, 2002 9:03 pm Post subject:
Re: deperlifying sockstat(1)
|
|
|
* Dag-Erling Smorgrav <des@ofug.org> [020501 15:54] wrote:
| Quote: | I'm working on a C version of sockstat(1), and to complete it I need
to do nasty stuff like using libkvm and defining _KERNEL before
including some headers (see fstat). I'm starting to think that it
would be easier to just make a kern.sockstat sysctl node, and make
sockstat(1) a #!/bin/sh wrapper around sysctl(. Ideas?
|
What's wrong with extending the mess already in fstat or just
popen()'ing it like the current sockstat does?
--
-Alfred Perlstein [alfred@freebsd.org]
'Instead of asking why a piece of software is using "1970s technology,"
start asking why software is ignoring 30 years of accumulated wisdom.'
Tax deductible donations for FreeBSD: http://www.freebsdfoundation.org/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Dag-Erling Smorgrav
*nix forums Guru Wannabe
Joined: 23 Mar 2002
Posts: 110
|
| Posted: Wed May 01, 2002 8:54 pm Post subject:
deperlifying sockstat(1)
|
|
|
I'm working on a C version of sockstat(1), and to complete it I need
to do nasty stuff like using libkvm and defining _KERNEL before
including some headers (see fstat). I'm starting to think that it
would be easier to just make a kern.sockstat sysctl node, and make
sockstat(1) a #!/bin/sh wrapper around sysctl(. Ideas?
DES
--
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
|
The time now is Thu Jan 08, 2009 5:21 am | All times are GMT
|
|
Bankruptcy | Loans | Home Equity Loan | Looking for Credit Cards? | Credit Cards
|
|
Copyright © 2004-2005 DeniX Solutions SRL
|
|
|
|
Other DeniX Solutions sites:
Unix/Linux blog |
electronics forum |
medicine forum |
science forum |
|
|
Privacy Policy
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
*nix
»
BSD
»
FreeBSD
»
mail-lists
»
Architecture
