cannot open /proc/net/dev (No such file or directory).

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

cannot open /proc/net/dev (No such file or directory).

Postby urbiusz » Sat Apr 25, 2009 8:54 am

Hi,

I just upgraded kernel in my system from 2.6.27.10-grsec to 2.6.29.1-grsec / Fedora Core 10
I didn't have any problems during installations. Everything seems to be fine but:

Before:

[urbiusz@urbiusz proc]$ ifconfig
-bash: ifconfig: command not found

Now:

[urbiusz@urbiusz ~]$ ifconfig
Warning: cannot open /proc/net/dev (No such file or directory). Limited output.
Warning: cannot open /proc/net/dev (No such file or directory). Limited output.
eth0 Link encap:Ethernet HWaddr 00:xx:xx:xx:xx:xx
inet addr:xx.xx.xxx.x Bcast:xx.xx.xxx.x Mask:255.255.255.248
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:16

Warning: cannot open /proc/net/dev (No such file or directory). Limited output.
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1


Before:

[urbiusz@urbiusz proc]$ iptables -L
-bash: iptables: command not found

Now:

[urbiusz@urbiusz ~]$ iptables -L
FATAL: Module ip_tables not found.
iptables v1.4.1.1: can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.


When I am using root acct there is no problem , no error messages.

Any ideas?
urbiusz
 
Posts: 22
Joined: Sun Aug 08, 2004 11:29 am

Re: cannot open /proc/net/dev (No such file or directory).

Postby spender » Sat Apr 25, 2009 10:59 am

From the configuration help:

Proc Restrictions
If you say Y here, the permissions of the /proc filesystem
will be altered to enhance system security and privacy. Depending
upon the options you choose, you can either restrict users to see
only the processes they themselves run, or choose a group that can
view all processes and files normally restricted to root if you choose
the "restrict to user only" option. NOTE: If you're running identd as
a non-root user, you will have to run it as the group you specify here.

Restrict /proc to user only
If you say Y here, non-root users will only be able to view their own
processes, and restricts them from viewing network-related information,
and viewing kernel symbol and module information.

Restrict /proc to user and group
If you say Y here, you will be able to select a group that will be
able to view all processes, network-related information, and
kernel and symbol information. This option is useful if you want
to run identd as a non-root user.
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Re: cannot open /proc/net/dev (No such file or directory).

Postby urbiusz » Sat Apr 25, 2009 11:27 am

Ok. It looks like it's not grsec fault. I compiled kernel without grsec patch with the same result.

suggestions...?
urbiusz
 
Posts: 22
Joined: Sun Aug 08, 2004 11:29 am

Re: cannot open /proc/net/dev (No such file or directory).

Postby spender » Sat Apr 25, 2009 11:45 am

ls -ald /proc/net

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Re: cannot open /proc/net/dev (No such file or directory).

Postby urbiusz » Sat Apr 25, 2009 4:30 pm

[urbiusz@urbiusz ~]$ ls -ald /proc/net
lrwxrwxrwx 1 root root 8 Apr 25 16:24 /proc/net -> self/net
urbiusz
 
Posts: 22
Joined: Sun Aug 08, 2004 11:29 am

Re: cannot open /proc/net/dev (No such file or directory).

Postby spender » Sat Apr 25, 2009 4:46 pm

What's ls -ald /proc/self/net show?

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Re: cannot open /proc/net/dev (No such file or directory).

Postby urbiusz » Sat Apr 25, 2009 4:54 pm

[urbiusz@urbiusz ~]$ ls -ald /proc/self/net
dr-xr-xr-x 2 urbiusz urbiusz 0 Apr 25 16:49 /proc/self/net
urbiusz
 
Posts: 22
Joined: Sun Aug 08, 2004 11:29 am

Re: cannot open /proc/net/dev (No such file or directory).

Postby urbiusz » Sat Apr 25, 2009 5:29 pm

I also tried from different user:


[root@urbiusz ~]# su - mirc
[mirc@urbiusz ~]$ ls -ald /proc/self/net
dr-xr-xr-x 2 mirc mirc 0 Apr 25 17:16 /proc/self/net

It's normal?
urbiusz
 
Posts: 22
Joined: Sun Aug 08, 2004 11:29 am

Re: cannot open /proc/net/dev (No such file or directory).

Postby spender » Sat Apr 25, 2009 5:30 pm

Based on what you've pasted, you must have the "Restrict /proc to user only" option enabled. I don't think you're actually running a vanilla kernel right now, even though you had mentioned you compiled a kernel without grsecurity and were still unable to view the file. Either disable the /proc restrictions or enable the "Restrict /proc to user and group" option and properly configure the GID associated with the option so that the GID is one of the groups your urbiusz user belongs to.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm


Return to grsecurity support