From owner-svn-src-all@freebsd.org Mon Jun 4 15:56:09 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F1566FF0501 for ; Mon, 4 Jun 2018 15:56:08 +0000 (UTC) (envelope-from ian@freebsd.org) Received: from pmta2.delivery6.ore.mailhop.org (pmta2.delivery6.ore.mailhop.org [54.200.129.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B9A7F6F00A for ; Mon, 4 Jun 2018 15:56:06 +0000 (UTC) (envelope-from ian@freebsd.org) X-MHO-RoutePath: aGlwcGll X-MHO-User: a08b84c8-680f-11e8-b829-b3adae557cda X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information X-Originating-IP: 67.177.211.60 X-Mail-Handler: DuoCircle Outbound SMTP Received: from ilsoft.org (unknown [67.177.211.60]) by outbound2.ore.mailhop.org (Halon) with ESMTPSA id a08b84c8-680f-11e8-b829-b3adae557cda; Mon, 04 Jun 2018 15:54:56 +0000 (UTC) Received: from rev (rev [172.22.42.240]) by ilsoft.org (8.15.2/8.15.2) with ESMTP id w54Fst1W034725; Mon, 4 Jun 2018 09:54:55 -0600 (MDT) (envelope-from ian@freebsd.org) Message-ID: <1528127695.32688.215.camel@freebsd.org> Subject: Re: svn commit: r334543 - head/usr.bin/top From: Ian Lepore To: rgrimes@freebsd.org Cc: src-committers , svn-src-all@freebsd.org, svn-src-head@freebsd.org Date: Mon, 04 Jun 2018 09:54:55 -0600 In-Reply-To: <201806032133.w53LXvVY092879@pdx.rh.CN85.dnsmgr.net> References: <201806032133.w53LXvVY092879@pdx.rh.CN85.dnsmgr.net> Content-Type: text/plain; charset="ISO-8859-1" X-Mailer: Evolution 3.18.5.1 FreeBSD GNOME Team Port Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jun 2018 15:56:09 -0000 On Sun, 2018-06-03 at 14:33 -0700, Rodney W. Grimes wrote: > > > > On Sat, Jun 2, 2018 at 11:08 PM, Eitan Adler wrote: > > > > > > > > On 2 June 2018 at 16:56, Rodney W. Grimes > > > wrote: > > > > > > > > > > > > > > Author: eadler > > > > > Date: Sat Jun  2 22:06:27 2018 > > > > > New Revision: 334543 > > > > > URL: https://svnweb.freebsd.org/changeset/base/334543 > > > > > > > > > > Log: > > > > >   top(1): chdir to / as init; remove unneeded comment > > > > > > > > > >   - chdir to / to allow unmounting of wd > > > > >   - remove warning about running top(1) as setuid. If this is a concern > > > we > > > > > > > > > > > > > >   should just drop privs instead. > > > > > > > > > > Modified: > > > > >   head/usr.bin/top/machine.c > > > > >   head/usr.bin/top/top.c > > > > > > > > > > Modified: head/usr.bin/top/machine.c > > > > > ============================================================ > > > ================== > > > > > > > > > > > > > > --- head/usr.bin/top/machine.c        Sat Jun  2 21:50:00 2018 > > > (r334542) > > > > > > > > > > > > > > +++ head/usr.bin/top/machine.c        Sat Jun  2 22:06:27 2018 > > > (r334543) > > > > > > > > > > > > > > @@ -1613,11 +1613,6 @@ compare_ivcsw(const void *arg1, const void *arg2) > > > > >  /* > > > > >   * proc_owner(pid) - returns the uid that owns process "pid", or -1 if > > > > >   *           the process does not exist. > > > > > - *           It is EXTREMELY IMPORTANT that this function work > > > correctly. > > > > > > > > > > > > > > - *           If top runs setuid root (as in SVR4), then this function > > > > > - *           is the only thing that stands in the way of a serious > > > > > - *           security problem.  It validates requests for the "kill" > > > > > - *           and "renice" commands. > > > > >   */ > > > > > > > > > >  int > > > > > > > > > > Modified: head/usr.bin/top/top.c > > > > > ============================================================ > > > ================== > > > > > > > > > > > > > > --- head/usr.bin/top/top.c    Sat Jun  2 21:50:00 2018        (r334542) > > > > > +++ head/usr.bin/top/top.c    Sat Jun  2 22:06:27 2018        (r334543) > > > > > @@ -260,6 +260,15 @@ main(int argc, char *argv[]) > > > > >  #define CMD_order    26 > > > > >  #define CMD_pid              27 > > > > > > > > > > +    /* > > > > > +     * Since top(1) is often long running and > > > > > +     * doesn't typically care about where its running from > > > > > +     * chdir to the root to allow unmounting of its > > > > > +     * originall wd. Failure is alright as this is > > > > > +     * just a courtesy for users. > > > > > +     */ > > > > > +    chdir("/"); > > > > > + > > > > Bad side effect of doing that is it is not hard to get a "core" > > > > from top when run as a user, as it is going to try to write > > > > to /, and it probably does not have permission for that. > > > Another person made the point that other similar applications don't do > > > this, so I just reverted it. > > > > > Actually,  it was a good change. > > > > I've had issues on other systems where I couldn't unmount a filesystem for > > reasons unknown. > lsof is your friend here.  That is the tool of choice for finding > cwd of processes that are in directories you can not unmount. > Actually, rather than lsof (which I never even bother to install anymore), I think the newer version of this advice is to use procstat(1) from base. For example, to see why you can't umount /foo:   procstat -af | grep /foo -- Ian