1748069 Members
5124 Online
108758 Solutions
New Discussion юеВ

Re: lsof error

 

lsof error

Hi Guys,

When trying to use lsof from one user to other ...the command is not working.. .

user1@server1# lsof -u user2

lsof: ID 203964 request rejected because of security mode.
lsof 4.78
latest revision: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/
latest FAQ: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/FAQ
latest man page: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_man
usage: [-?abChlnNoOPRstUvV] [+|-c c] [+|-d s] [+D D] [+|-f[cfgGn]]
[-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+|-M] [-o [o]]
[-p s] [+|-r [t]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names]
Use the ``-h'' option to get more help information.


Thanks for support in advance.
Pratibha
8 REPLIES 8
Suraj K Sankari
Honored Contributor

Re: lsof error

Hi Prathbha,


http://hpux.connect.org.uk/hppd/hpux/Sysadmin/lsof-4.82/

to uninstall
swremove lsof

to install
check your version of your os then install the version of LSOF.

to know the version and os bits
uname -a
getconf KERNEL_BITS

Suraj
R.K. #
Honored Contributor

Re: lsof error

Hi Pratibha,

Try with userID of that user..

Example:
# /usr/sbin/lsof -u 197

Regds..


Don't fix what ain't broke

Re: lsof error

Hi R.k,

Getting same error with using uid

lsof: ID 203814 request rejected because of security mode.
lsof 4.78
latest revision: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/
latest FAQ: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/FAQ
latest man page: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_man
usage: [-?abChlnNoOPRstUvV] [+|-c c] [+|-d s] [+D D] [+|-f[cfgGn]]
[-F [f]] [-g [s]] [-i [i]] [+|-L [l]] [+|-M] [-o [o]]
[-p s] [+|-r [t]] [-S [t]] [-T [t]] [-u s] [+|-w] [-x [fl]] [--] [names]
Use the ``-h'' option to get more help information

Please suggest.
Pratibha

Re: lsof error

Hi Suraj,

#lsof -u user1

this command is support for same user, but its not allowing to see open files under another users,

is there any security issue /settings?

May server os is : HP-UX server1 B.11.31 U ia64 2151713998 unlimited-user license

Thanks,
Pratibha
R.K. #
Honored Contributor

Re: lsof error

Run:
# lsof -h

Security
========

If the symbol HASSECURITY is defined, a security mode is enabled,
and lsof will allow only the root user to list all open files.
Non-root users may list only open files whose processes have the
same user ID as the real user ID of the lsof process (the one that
its user logged on with).

However, if HASNOSOCKSECURITY is also defined, anyone may list
anyone else's open socket files, provided their listing is enabled
with the "-i" option.

The lsof -h output indicates the state HASSECURITY and HASNOSOCKSECURITY
had when lsof was built, reporting:

"Only root can list all files;"
if HASSECURITY was defined and HASNOSOCKSECURITY wasn't
defined;

"Only root can list all files, but anyone can list socket files."
if HASSECURITY and HASNOSOCKSECURITY were both defined;

"Anyone can list all files;"
if HASSECURITY wasn't defined. (The definition of
HASNOSOCKSECURITY doesn't matter when HASSECURITY isn't
defined.)
Don't fix what ain't broke
R.K. #
Honored Contributor

Re: lsof error

Attached "faq on lsof", please read from page 111 (Security part).... you might find some hits.

Hope it might help..
Don't fix what ain't broke
BUPA IS
Respected Contributor

Re: lsof error

Hello
I think you need to upgrade to version 4.82. version 4.81 contains fixes for hp-ux 11.31 and 4.82 mentions fixes for over zealous security checking see faq readme in here:

http://coast.cs.purdue.edu/pub/tools/unix/sysutils/lsof/README

The new version can be found on the porting and archiving center here :

http://hpux.connect.org.uk/hppd/hpux/Sysadmin/lsof-4.82/
i hope this is of some use
Mike
Help is out there always!!!!!
BUPA IS
Respected Contributor

Re: lsof error

Hello,
In the install notes there is the story of exactly how the binary was compiled by the HP porting centre, basically the security features are enabled.

http://hpux.connect.org.uk/hppd/cgi-bin/wwwtar?/hpux/Sysadmin/lsof-4.82/lsof-4.82-src-11.11.tar.gz+lsof-4.82/HPUX.Install+text

You have two possiblities:
Use sudo to permit access for those users who actually need to look at other peoples file status or
if you must have open access, (which I do not reccommend) , fix the config files and recompile it to make open.

Mike
Help is out there always!!!!!