?
Solved

fuser and lsof only work as root... why?  used to work as any user

Posted on 2012-08-15
5
Medium Priority
?
3,278 Views
Last Modified: 2012-08-16
I used to be able to run these as any user... why do they return nothing unless run by root?

Redhat 6.1
0
Comment
Question by:Xetroximyn
5 Comments
 
LVL 38

Expert Comment

by:yuzh
ID: 38298854
You need to have root permissions to run lsof and fuser command, since a non-root user don't have permissions to access to all the files/dirs in the whole system, and you dont want
the non-root user to use fuser command to kill the process own by the other users.

But you can setup sudo to allow some of the user(s) to use sudo to run the commands.
0
 

Author Comment

by:Xetroximyn
ID: 38298873
I have always in the past run fuser from not-root users...  never ran it through sudo... any idea how I can do that again?

how would I set up sudo?
0
 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 1000 total points
ID: 38299054
> how would I set up sudo?
To edit the /etc/sudoers file you should use
visudo
But, you need root access to run visudo.
i.e. the fist time you use it is a catch 22, because the only user that has sudo rights by default is 'root'

So, you run
$ su --login -c 'visudo'
and enter the password for root... once you've added your own username to sudoers, you can just run
$ sudo visudo
and enter your password (your own password, not the root password)

There are two 'modes' in visudo
• Command mode - Press ESC to access
• Insert mode - Press I (upper-case i) to access

visudo is always in either Command or Insert mode.

• To move the insert point, press ESC and use the arrow keys
• Once you're where you need to be, press I and enter text
• Deleting a character works best in Command mode... select the character and press the Delete key (not the Backspace key). You can do it in Insert mode, but depending on where the characters are deleted, it can make the text hard to follow.
• To save changes, in Command mode type :w and press Enter.
• To quit, in Command mode type :q and press Enter.
• To quit without saving changes, in Command mode type :q! and press Enter.

Anyway, scroll down to the 'user' section, where you will find a line that says
root    ALL=(ALL) ALL

Press I and add your username below that, so it looks like
root    ALL=(ALL) ALL
Xetroximyn    ALL=(ALL) ALL

then press ESC, type :wq to write the changes to sudoers and quit.

Add further users you want to grant sudo access below the last name in the users list, instead of just below 'root'.

The final ALL on each of those lines can be replaced with a comma-delimited list of commands you want to allow to be run by the sudo user.
e.g.
someuser    ALL=(ALL) /sbin/fuser, /usr/sbin/lsof

would let someuser use sudo to run fuser and lsof, but nothing else that requires root access, such as yum, and specifying the path keeps commands with those names that might be placed elsewhere (maliciously) from being invoked.

You can also make groups (the sample group in the sudoers file is 'wheel'), give each group different levels of access, then you would control users' sudo access by adding them to a group, without having to edit the /etc/sudoers file every time.

See
$ man sudo
and/or
$ man 8 sudo
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 1000 total points
ID: 38299447
fuser as well as lsof require the SUID bit being set, at least in proprietary Unixes.
Under Linux your issue might also be SELinux related.

Anyway, could it be that these bits have been removed - by whom/what ever?

Issue

ls -l $(which fuser) $(which lsof)

You should in both cases see an "s" in the 4th column, like

-r-sr-xr-x    1 root     system      244233 Apr 01 2009  /usr/sbin/lsof
-r-sr-xr-x    1 root     system       36630 Apr 18 00:07 /usr/sbin/fuser

If it's not there try to find out why/by whom is has been removed. Check your other (still working) machines (if any). Does it look the same there?

To set the SUID bit issue

chmod u+s $(which fuser)  $(which lsof)

Here is more about SUID:
http://en.wikipedia.org/wiki/Setuid
1
 

Author Closing Comment

by:Xetroximyn
ID: 38302858
Thanks!
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses
Course of the Month14 days, 19 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question