/bin/ps for regular user

mad_penguin · 07-16-2012, 06:02 PM

Hi

Is there any way of giving a regular Linux user the right to use /bin/ps as root has? I mean if I run ps under some regular use I can only see the processes running under that user.
I'm aware that I can put this user into sudoers but I don't wanna do that. I just want this user to be able to check processes (all of them).

ls -la /bin/ps
-r-xr-xr-x 1 root root 95684 May 4 2011 /bin/ps

Thanks.

suicidaleggroll · 07-16-2012, 06:09 PM

Use "ps -e"

mad_penguin · 07-16-2012, 06:11 PM

Hm ... sry, seems that it won't show 'all', just those from the above.

PID TTY TIME CMD
14819 pts/1 00:00:00 su
14820 pts/1 00:00:00 bash
14825 pts/1 00:00:00 ps
32601 ? 00:00:00 sshd
32602 pts/0 00:00:00 bash

suicidaleggroll · 07-16-2012, 06:12 PM

What system is this?

mad_penguin · 07-16-2012, 06:24 PM

gentoo

suicidaleggroll · 07-16-2012, 06:35 PM

Never used gentoo, but ps -e works on all of the systems I have access to. Check "man ps" and see what the flags are for your system.

unSpawn · 07-16-2012, 06:42 PM

Quote:

Originally Posted by mad_penguin

if I run ps under some regular use I can only see the processes running under that user.

This is not typical 'ps' behaviour. Does your Gentoo run a standard 'ps' binary or not? Does your Gentoo run some sort of MAC like GRSecurity? Anything like library preloaders or anything else we should know about? (In the worst case you could run something like 'strace -f -ff -v -s 1024 -o /tmp/ps.log /bin/ps axf' as that user and attach the output as plain text.)

Quote:

Originally Posted by mad_penguin

I'm aware that I can put this user into sudoers but I don't wanna do that.

And what are your valid and compelling reasons for not wanting easily configurable, maintainable and fine-grained control?

mad_penguin · 07-16-2012, 06:47 PM

Hm .. nope, it ain't workin' Tried though ...

Thanks suicidaleggroll. Indeed, I also have a few other linux boxes, Ubuntu, Debian ... and I can run ps and see all processes, just fine.

Anyone has any other idea ? How can this be done without adding the user to sudoers ?

mad_penguin · 07-16-2012, 07:18 PM

unSpawn, thanks for answering.

I've had a second though and there's no reason for not using sudoers. I'm gonna add this user into sudoers and allow him to run only ps command.

Thanks a lot.