System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

lsof does not grap all ports

HP-UX User_1
Frequent Advisor

lsof does not grap all ports

I install lsof on HPUX 11.11, configuration and generation of binaries went fine. i was able to list every port including the TCP ports, however every other user is unable to list the TCP port even when the port number is specified. Below is the msg as root user and non root user
$ ps
PID TTY TIME COMMAND
18118 pts/te 0:00 ps
22202 pts/te 0:00 sh
22201 pts/te 0:00 telnetd
$ lsof -p 22201
$ lsof
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
lsof 18120 csuadmin cwd DIR 105,0x4 96 12536 /users (wsgnfs:/us)
lsof 18120 csuadmin txt REG 64,0xb 118784 34158 /usr/local/bin/lsof
lsof 18120 csuadmin mem REG 64,0x8 135168 25984 /opt/star-ncf-prod2
lsof 18120 csuadmin mem REG 64,0xb 753664 14596 /usr/lib/libnsl.1
lsof 18120 csuadmin mem REG 64,0xb 24576 16708 /usr/lib/libdld.2
lsof 18120 csuadmin mem REG 64,0xb 1839104 125 /usr/lib/libc.2
lsof 18120 csuadmin mem REG 64,0xb 393216 16706 /usr/lib/dld.sl
lsof 18120 csuadmin 0u STR 33,0x4 0t14800 662 /dev/pts/te->ldters
lsof 18120 csuadmin 1u STR 33,0x4 0t14800 662 /dev/pts/te->ldters
lsof 18120 csuadmin 2u STR 33,0x4 0t14800 662 /dev/pts/te->ldters
lsof 18120 csuadmin 5w FIFO 0x70c57c48 0t0 28251
lsof 18120 csuadmin 6r FIFO 0x70c571c8 0t0 28252
sh 22202 csuadmin cwd DIR 105,0x4 96 12536 /users (wsgnfs:/us)
sh 22202 csuadmin txt REG 64,0xb 208896 16629 /usr/bin/sh
sh 22202 csuadmin mem REG 64,0xb 24576 16708 /usr/lib/libdld.2
sh 22202 csuadmin mem REG 64,0xb 1839104 125 /usr/lib/libc.2
sh 22202 csuadmin mem REG 64,0xb 393216 16706 /usr/lib/dld.sl
sh 22202 csuadmin 0u
sh 22202 csuadmin 1u STR 33,0x4 0t14800 662 /dev/pts/te->ldters
sh 22202 csuadmin 2u STR 33,0x4 0t14800 662 /dev/pts/te->ldters
sh 22202 csuadmin 5w FIFO 0x70c57c48 0t0 28251
sh 24676 csuadmin cwd DIR 105,0x4 96 12536 /users (wsgnfs:/us)
sh 24676 csuadmin txt REG 64,0xb 208896 16629 /usr/bin/sh
sh 24676 csuadmin mem REG 64,0xb 24576 16708 /usr/lib/libdld.2
sh 24676 csuadmin mem REG 64,0xb 1839104 125 /usr/lib/libc.2
sh 24676 csuadmin mem REG 64,0xb 393216 16706 /usr/lib/dld.sl
sh 24676 csuadmin 0u
sh 24676 csuadmin 1u STR 33,0x4 0t14800 662 /dev/pts/te->ldters
sh 24676 csuadmin 2u STR 33,0x4 0t14800 662 /dev/pts/te->ldters
sh 24676 csuadmin 5w FIFO 0x70c57c48 0t0 28251
sh 24676 csuadmin 6r FIFO 0x70c571c8 0t0 28252
sh 24676 csuadmin 0u UNKN no more information
tstbe1# />lsof -p 22201
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
telnetd 22201 root cwd DIR 64,0x5 8192 2 /
telnetd 22201 root txt REG 64,0xb 98304 10155 /usr/lbin/telnetd
telnetd 22201 root mem REG 64,0xb 53248 6085 /usr/lib/libnss_files.
1
telnetd 22201 root mem REG 64,0x8 135168 25984 /opt/star-ncf-prod/ep_
patch/usr/lib/libxti.2
telnetd 22201 root mem REG 64,0xb 753664 14596 /usr/lib/libnsl.1
telnetd 22201 root mem REG 64,0xb 45056 14659 /usr/lib/libnss_nis.1
telnetd 22201 root mem REG 64,0xb 1044480 112 /usr/lib/libsis.sl
telnetd 22201 root mem REG 64,0xb 24576 16708 /usr/lib/libdld.2
telnetd 22201 root mem REG 64,0xb 1839104 125 /usr/lib/libc.2
telnetd 22201 root mem REG 64,0xb 393216 16706 /usr/lib/dld.sl
telnetd 22201 root mem REG 64,0xc 532 2019 /var/spool/pwgr/status
telnetd 22201 root 0u IPv4 0x726f9e00 0t0 TCP tsgbe1:telnet->10.10.4
.134:1335 (ESTABLISHED)
telnetd 22201 root 1u IPv4 0x726f9e00 0t0 TCP tsgbe1:telnet->10.10.4
.134:1335 (ESTABLISHED)
telnetd 22201 root 2u IPv4 0x726f9e00 0t0 TCP tsgbe1:telnet->10.10.4
.134:1335 (ESTABLISHED)
telnetd 22201 root 3u STR 22,0x240005 0t0 85 /dev/udp->udpm->ip
telnetd 22201 root 4u STR 32,0x4 0t110 1357 /dev/telnetm->pckt->te
lm
telnetd 22201 root 5u unix 64,0xc 0t0 97 /var/spool/sockets/pwg
r/client22201 (0x79c17640)
telnetd 22201 root 7r REG 64,0x5 49 5801 /etc/issue
tstbe1# />

Can anyone help with this issue?


7 REPLIES
OldSchool
Honored Contributor

Re: lsof does not grap all ports

In the example given:
$ ps
PID TTY TIME COMMAND
18118 pts/te 0:00 ps
22202 pts/te 0:00 sh
22201 pts/te 0:00 telnetd
$ lsof -p 22201

22201 is *not* a port number, its a process identifer..

what happens if the non-root user runs this *on a process they own*?
HP-UX User_1
Frequent Advisor

Re: lsof does not grap all ports

non-root user cannot display the process. It does not even show up see below

$ ps
PID TTY TIME COMMAND
22202 pts/te 0:00 sh
22201 pts/te 0:00 telnetd
19912 pts/te 0:00 ps
$ lsof -p 22201
$
Julián Aimar
Frequent Advisor

Re: lsof does not grap all ports

Hi,

22202 is a PID, isn´t a port number.

For example to find all the processes associated with port 23 (telnet), you can specify either the port number or name

lsof -i :23
or
lsof -i :telnet

then when the process id is displayed:
lsof -p PID

Buena suerte..!!!

JEA
Matti_Kurkela
Honored Contributor

Re: lsof does not grap all ports

If lsof is run as a non-root user, it will show information about processes belonging to that user only. This is a compile-time option in lsof, and it's enabled by default.

If this feature is disallowed, it allows users to spy on each other with lsof. This is bad for security.

Although the lsof command is setuid root (it must be, or it cannot work!), it can detect whether it's run by a non-root user or a real root. (Just like the "passwd" command: passwd is setuid root, but it still won't allow ordinary users to change other users' passwords.)

And by the way: lsof -p 22201 is not related to TCP ports at all. It displays the files and sockets opened by the process that has PID number 22201.

To display processes by TCP port, the syntax is "lsof -i tcp:". For example,
running "lsof -i tcp:22" will report the sshd process if it's running on the system. But because sshd normally runs as root, you must be root to get the answer!

MK
MK
HP-UX User_1
Frequent Advisor

Re: lsof does not grap all ports

I understand the security risk, however I need to use this to grab the package name on system running serviceguard. Unless anybody has other suggestions this is the only option that HP recommended. I need to subtitute system name with package name on the PS1 prompt when user log on with the package IP. Is there any other way of doing this without jeopardizng the security
F Verschuren
Esteemed Contributor

Re: lsof does not grap all ports

nlxsms01:nl11588> sudo lsof -i 4 -a -p 6025
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
telnetd 6025 root 0u inet 0x4e89a880 0t0 TCP localhost:* (ESTABLISHED)
telnetd 6025 root 1u inet 0x4e89a880 0t0 TCP localhost:* (ESTABLISHED)
telnetd 6025 root 2u inet 0x4e89a880 0t0 TCP localhost:* (ESTABLISHED)
nlxsms01:nl11588>

lsof -i -n -P |grep LISTEN |grep inetd
inetd 2200 root 5u inet 0x48a0f040 0t0 TCP *:21 (LISTEN)
inetd 2200 root 6u inet 0x48a0f340 0t0 TCP *:23 (LISTEN)
inetd 2200 root 8u inet 0x48c07380 0t0 TCP *:513 (LISTEN)
inetd 2200 root 9u inet 0x48a0fac0 0t0 TCP *:514 (LISTEN)
inetd 2200 root 10u inet 0x48a0f940 0t0 TCP *:512 (LISTEN)
inetd 2200 root 11u inet 0x48a0f7c0 0t0 TCP *:113 (LISTEN)
inetd 2200 root 13u inet 0x48a0f4c0 0t0 TCP *:1712 (LISTEN)
inetd 2200 root 14u inet 0x48c07080 0t0 TCP *:5303 (LISTEN)
inetd 2200 root 16u inet 0x48a0fc40 0t0 TCP *:5302 (LISTEN)
HP-UX User_1
Frequent Advisor

Re: lsof does not grap all ports

Where in the output you send was the package name displayed?