Curtor |
03-11-2008 09:06 AM |
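Not sure if this is exactly what you were looking for, but I ran *this* under strace (not as root, though). Note that when strace is started by an unprivileged user, a setuid binary runs without its elevated privileges, so if rsh is installed setuid root here, the EACCES on bind() to port 1023 at the end of the trace may be a side effect of tracing rather than the original problem. I didn't want to spam the thread, so please let me know what I should run instead.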
Code:
[jane@GRID10 bin]$ strace /usr/bin/rsh GRID10 /usr/bin/whoami
execve("/usr/bin/rsh", ["/usr/bin/rsh", "GRID10", "/usr/bin/whoami"], [/* 43 vars */]) = 0
brk(0) = 0xb8d02000
fcntl64(0, F_GETFD) = 0
fcntl64(1, F_GETFD) = 0
fcntl64(2, F_GETFD) = 0
access("/etc/suid-debug", F_OK) = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=59662, ...}) = 0
mmap2(NULL, 59662, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f42000
close(3) = 0
open("/lib/libcrypt.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \227r\0064\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=45316, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f41000
mmap2(NULL, 201020, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x12e000
mmap2(0x137000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8) = 0x137000
mmap2(0x139000, 155964, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x139000
close(3) = 0
open("/lib/libutil.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\232\234\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=15204, ...}) = 0
mmap2(NULL, 12428, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x160000
mmap2(0x162000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0x162000
close(3) = 0
open("/lib/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\324\25\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1692524, ...}) = 0
mmap2(NULL, 1410608, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x164000
mmap2(0x2b7000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x153) = 0x2b7000
mmap2(0x2ba000, 9776, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x2ba000
close(3) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f40000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb7f406c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0x2b7000, 8192, PROT_READ) = 0
mprotect(0x162000, 4096, PROT_READ) = 0
mprotect(0x137000, 4096, PROT_READ) = 0
mprotect(0x12b000, 4096, PROT_READ) = 0
munmap(0xb7f42000, 59662) = 0
getuid32() = 101
brk(0) = 0xb8d02000
brk(0xb8d23000) = 0xb8d23000
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
open("/etc/nsswitch.conf", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=1696, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f50000
read(3, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1696
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7f50000, 4096) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=59662, ...}) = 0
mmap2(NULL, 59662, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7f42000
close(3) = 0
open("/lib/libnss_files.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\30\0\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=50768, ...}) = 0
mmap2(NULL, 45712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2bd000
mmap2(0x2c7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9) = 0x2c7000
close(3) = 0
mprotect(0x2c7000, 4096, PROT_READ) = 0
munmap(0xb7f42000, 59662) = 0
open("/etc/passwd", O_RDONLY|0x80000 /* O_??? */) = 3
fcntl64(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
fstat64(3, {st_mode=S_IFREG|0644, st_size=2079, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f50000
read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2079
close(3) = 0
munmap(0xb7f50000, 4096) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
open("/etc/services", O_RDONLY|0x80000 /* O_??? */) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=362047, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f50000
read(3, "# /etc/services:\n# $Id: services"..., 4096) = 4096
read(3, " News Transfer Protocol\nntp\t\t123"..., 4096) = 4096
read(3, "ebook\nphonebook\t767/udp\nrsync\t\t8"..., 4096) = 4096
close(3) = 0
munmap(0xb7f50000, 4096) = 0
getpid() = 25152
socket(PF_NETLINK, SOCK_RAW, 0) = 3
bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, pid=25152, groups=00000000}, [12]) = 0
time(NULL) = 1205243978
sendto(3, "\24\0\0\0\26\0\1\3J\220\326G\0\0\0\0\0\0\0\0", 20, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"0\0\0\0\24\0\2\0J\220\326G@b\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 108
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"@\0\0\0\24\0\2\0J\220\326G@b\0\0\n\200\200\376\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 128
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000}, msg_iov(1)=[{"\24\0\0\0\3\0\2\0J\220\326G@b\0\0\0\0\0\0\1\0\0\0\24\0\1\0\0\0\0\0"..., 4096}], msg_controllen=0, msg_flags=0}, 0) = 20
close(3) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
open("/etc/resolv.conf", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=75, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f50000
read(3, "search localdomain.com\nnameserve"..., 4096) = 75
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7f50000, 4096) = 0
open("/etc/hosts", O_RDONLY|0x80000 /* O_??? */) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=240, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f50000
read(3, "# Do not remove the following li"..., 4096) = 240
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7f50000, 4096) = 0
open("/etc/hosts", O_RDONLY|0x80000 /* O_??? */) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=240, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f50000
read(3, "# Do not remove the following li"..., 4096) = 240
close(3) = 0
munmap(0xb7f50000, 4096) = 0
open("/etc/host.conf", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=17, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f50000
read(3, "order hosts,bind\n", 4096) = 17
read(3, "", 4096) = 0
close(3) = 0
munmap(0xb7f50000, 4096) = 0
open("/etc/hosts", O_RDONLY|0x80000 /* O_??? */) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=240, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7f50000
read(3, "# Do not remove the following li"..., 4096) = 240
close(3) = 0
munmap(0xb7f50000, 4096) = 0
rt_sigprocmask(SIG_BLOCK, [URG], [], 8) = 0
socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
bind(3, {sa_family=AF_INET, sin_port=htons(1023), sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EACCES (Permission denied)
close(3) = 0
write(2, "rcmd: socket: Permission denied\n", 32rcmd: socket: Permission denied
) = 32
rt_sigprocmask(SIG_SETMASK, [], [URG], 8) = 0
exit_group(1) = ?