fuser and lsof only work as root... why?  used to work as any user

Posted on 2012-08-15
Last Modified: 2012-08-16
I used to be able to run these as any user... why do they return nothing unless run by root?

Redhat 6.1
Question by:Xetroximyn
    LVL 38

    Expert Comment

    You need to have root permissions to run lsof and fuser command, since a non-root user don't have permissions to access to all the files/dirs in the whole system, and you dont want
    the non-root user to use fuser command to kill the process own by the other users.

    But you can setup sudo to allow some of the user(s) to use sudo to run the commands.

    Author Comment

    I have always in the past run fuser from not-root users...  never ran it through sudo... any idea how I can do that again?

    how would I set up sudo?
    LVL 44

    Assisted Solution

    > how would I set up sudo?
    To edit the /etc/sudoers file you should use
    But, you need root access to run visudo.
    i.e. the fist time you use it is a catch 22, because the only user that has sudo rights by default is 'root'

    So, you run
    $ su --login -c 'visudo'
    and enter the password for root... once you've added your own username to sudoers, you can just run
    $ sudo visudo
    and enter your password (your own password, not the root password)

    There are two 'modes' in visudo
    • Command mode - Press ESC to access
    • Insert mode - Press I (upper-case i) to access

    visudo is always in either Command or Insert mode.

    • To move the insert point, press ESC and use the arrow keys
    • Once you're where you need to be, press I and enter text
    • Deleting a character works best in Command mode... select the character and press the Delete key (not the Backspace key). You can do it in Insert mode, but depending on where the characters are deleted, it can make the text hard to follow.
    • To save changes, in Command mode type :w and press Enter.
    • To quit, in Command mode type :q and press Enter.
    • To quit without saving changes, in Command mode type :q! and press Enter.

    Anyway, scroll down to the 'user' section, where you will find a line that says
    root    ALL=(ALL) ALL

    Press I and add your username below that, so it looks like
    root    ALL=(ALL) ALL
    Xetroximyn    ALL=(ALL) ALL

    then press ESC, type :wq to write the changes to sudoers and quit.

    Add further users you want to grant sudo access below the last name in the users list, instead of just below 'root'.

    The final ALL on each of those lines can be replaced with a comma-delimited list of commands you want to allow to be run by the sudo user.
    someuser    ALL=(ALL) /sbin/fuser, /usr/sbin/lsof

    would let someuser use sudo to run fuser and lsof, but nothing else that requires root access, such as yum, and specifying the path keeps commands with those names that might be placed elsewhere (maliciously) from being invoked.

    You can also make groups (the sample group in the sudoers file is 'wheel'), give each group different levels of access, then you would control users' sudo access by adding them to a group, without having to edit the /etc/sudoers file every time.

    $ man sudo
    $ man 8 sudo
    LVL 68

    Accepted Solution

    fuser as well as lsof require the SUID bit being set, at least in proprietary Unixes.
    Under Linux your issue might also be SELinux related.

    Anyway, could it be that these bits have been removed - by whom/what ever?


    ls -l $(which fuser) $(which lsof)

    You should in both cases see an "s" in the 4th column, like

    -r-sr-xr-x    1 root     system      244233 Apr 01 2009  /usr/sbin/lsof
    -r-sr-xr-x    1 root     system       36630 Apr 18 00:07 /usr/sbin/fuser

    If it's not there try to find out why/by whom is has been removed. Check your other (still working) machines (if any). Does it look the same there?

    To set the SUID bit issue

    chmod u+s $(which fuser)  $(which lsof)

    Here is more about SUID:

    Author Closing Comment


    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it. If you've already tried to change it you've probably discovered that none of the old met…
    The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
    This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
    Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now