Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 05-19-2015, 08:11 AM   #1
Registered: Apr 2013
Posts: 47

Rep: Reputation: Disabled
lsof -i Issue


I would like to use the lsof -i command without a privilege elevated user, however it doesn't work, the output is null. It does only work when I sudo it. On another server, I've got it working perfectly, without the user being root or having to use sudo (web user). How would I be able to proceed ?
Linux - Ubuntu 14.04.

Old 05-19-2015, 10:32 AM   #2
Senior Member
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: CentOS 6 (pre-systemd)
Posts: 2,810

Rep: Reputation: 749Reputation: 749Reputation: 749Reputation: 749Reputation: 749Reputation: 749Reputation: 749
On the other server is it setuid root?
Old 05-19-2015, 10:34 AM   #3
LQ Guru
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 6,986
Blog Entries: 14

Rep: Reputation: 1187Reputation: 1187Reputation: 1187Reputation: 1187Reputation: 1187Reputation: 1187Reputation: 1187Reputation: 1187Reputation: 1187
It's related to how it was compiled. You can recompile your own to allow non-root users to use it but I prefer to use sudo to give access to the few folks that might need it.

From "man lsof"

Lsof has three features that may cause security concerns. First, its
default compilation mode allows anyone to list all open files with it.
Second, by default it creates a user-readable and user-writable device
cache file in the home directory of the real user ID that executes
lsof. (The list-all-open-files and device cache features may be dis-
abled when lsof is compiled.) Third, its -k and -m options name alter-
nate kernel name list or memory files.

Restricting the listing of all open files is controlled by the com-
is defined, lsof will allow only the root user to list all open files.
The non-root user may list only open files of processes with the same
user IDentification number as the real user ID number of the lsof pro-
cess (the one that its user logged on with).

However, if HASSECURITY and HASNOSOCKSECURITY are both defined, anyone
may list open socket files, provided they are selected with the -i

When HASSECURITY is not defined, anyone may list all open files.

Help output, presented in response to the -h or -? option, gives the
status of the HASSECURITY and HASNOSOCKSECURITY definitions.

See the Security section of the 00README file of the lsof distribution
for information on building lsof with the HASSECURITY and HASNOSOCKSE-
CURITY options enabled.
P.S. lsof is one of the greatest tools for UNIX/Linux. It can do so many different things. I heartily recommend it to all who haven't learned of it yet. It's author, Vic Abel, was even kind enough to work with me and one of the big UNIX vendors a few years back when I discovered issues with it on their platform.
Old 05-19-2015, 11:08 AM   #4
Registered: Apr 2013
Posts: 47

Original Poster
Rep: Reputation: Disabled
Not setuid root for the process and the lsof file (/usr/bin/lsof).

How would I be able to proceed ?

Also, I've noticed something, the process created by the other server have 'dr-xr-xr-x 7 www-data www-data' while the other one have 'dr-x------ 7 www-data www-data'.
Not sure it'd be very important since owner in both cases have read access.
Two log files were added, both strace of the working and non working lsof from servers. 'lsof.log' is the non working and 'lsof-good.log' is the one working.
The file 'lsof-good.log' was cutted since it was too big to be uploaded.

Thanks for your help.
Attached Files
File Type: log lsof.log (99.0 KB, 7 views)
File Type: log lsof-good.log (248.7 KB, 9 views)


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] lsof not found geekslinux AIX 4 12-18-2014 10:15 PM
Get PID from lsof -i Ra'Jiska Linux - Server 6 07-29-2013 10:49 PM
Why cannot run lsof? thomas2004ch Linux - Newbie 4 03-05-2010 08:15 AM
using lsof command rheosiva Linux - Newbie 2 04-02-2009 01:36 AM
lsof redirect WRXSTi Programming 8 10-02-2006 03:45 PM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:38 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration