[Nfdump-discuss] can't run nfcapd with unprivileged user
From: Borja R. <fru...@gr...> - 2010-08-18 10:22:46
Hi guys,

I have problems running nfcapd with an unprivileged user. Here's the
output of /var/log/messages:

    Aug 18 11:56:04 logserver nfcapd[32625]: Add extension: 2 byte input/output interface index
    Aug 18 11:56:04 logserver nfcapd[32625]: Add extension: 4 byte input/output interface index
    Aug 18 11:56:04 logserver nfcapd[32625]: Add extension: 2 byte src/dst AS number
    Aug 18 11:56:04 logserver nfcapd[32625]: Add extension: 4 byte src/dst AS number
    Aug 18 11:56:04 logserver nfcapd[32625]: Bound to IPv4 host/IP: any, Port: 1234567
    Aug 18 11:56:04 logserver nfcapd[32625]: Access denied to collector bookkeeping record.
    Aug 18 11:56:04 logserver nfcapd[32625]: initialize bookkeeper failed.

But when I run nfcapd as the root user, I have no problems at all. I have
looked through the nfcapd code, and I can see that it is a shared memory issue.
I have tracked down the error message to these lines of code:

*** Bookkeeper.c, line 300 approx:

    // check if the shared memory is already allocated
    shm_id = shmget(shm_key, sizeof(bookkeeper_t), 0600);
    if ( shm_id < 0 ) {
        // the segment does not exists. Check why
        switch (errno) {
            case ENOENT:
                // no shared segemtn exists.
                return ERR_NOTEXISTS;
                break;
            case EACCES:
                // there is such a segment, but we are not allowed to get it
                // Assume it's another nfcapd
                LogError("Access denied to collector bookkeeping record.");
                return ERR_FAILED;
                break;
            default:
                // This should never happen, but catch it anyway
                LogError("semop() error in %s line %d: %s", __FILE__, __LINE__, strerror(errno) );
                return ERR_FAILED;
        }
    }

*** Bookkeeper.c, line 200 approx:

    // no valid shared segment was found
    switch (errno) {
        case ENOENT:
            // this is ok - no shared segemtn exists, we can create a new one below
            break;
        case EACCES:
            // there is such a segment, but we are not allowed to get it
            // Assume it's another nfcapd
            LogError("Access denied to collector bookkeeping record.");
            return ERR_EXISTS;
            break;
        default:
            // This should never happen, but catch it anyway
            LogError("semop() error in %s line %d: %s", __FILE__, __LINE__, strerror(errno) );
            return ERR_FAILED;
    }

Maybe it's a privs issue? If that is right, I think it can be a
system-privs issue (it's a hardly secured system).
Thanks :-)
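
An added C example (not nfdump's code and not part of the original post) that repeats the excerpt's shmget(key, size, 0600) lookup and then shows who owns a segment and with which mode, which is what decides between success and EACCES. The key, the 4096-byte size and all function names are assumptions made for this demo; the segment it creates is removed again.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/ipc.h>
#include <sys/shm.h>
#include <sys/types.h>
#include <unistd.h>

/* Outcome of probing a System V shared memory key (hypothetical names). */
enum probe { SEG_OK, SEG_ABSENT, SEG_DENIED, SEG_ERROR };

/* Constructed per-process key so the demo never touches a real collector's segment. */
static key_t demo_key(void) { return (key_t)(0x4E460000 | (getpid() & 0xFFFF)); }

/* Same call shape as the excerpt: no IPC_CREAT, so this only looks the key up. */
static enum probe probe_segment(key_t key, size_t size, int *shm_id) {
    *shm_id = shmget(key, size, 0600);
    if (*shm_id >= 0) return SEG_OK;
    if (errno == ENOENT) return SEG_ABSENT;  /* nothing registered under this key */
    if (errno == EACCES) return SEG_DENIED;  /* exists, but owner/mode exclude the caller */
    return SEG_ERROR;
}

/* Create the segment owner-only; fails with EEXIST if one is already there. */
static int create_segment(key_t key, size_t size) {
    return shmget(key, size, IPC_CREAT | IPC_EXCL | 0600);
}

/* Read owner uid and permission bits; needs read access to the segment. */
static int segment_owner(int shm_id, uid_t *uid, unsigned *mode) {
    struct shmid_ds ds;
    if (shmctl(shm_id, IPC_STAT, &ds) < 0) return -1;
    *uid = ds.shm_perm.uid;
    *mode = ds.shm_perm.mode & 0777;
    return 0;
}

/* A segment outlives the process that created it until it is removed like this. */
static int remove_segment(int shm_id) { return shmctl(shm_id, IPC_RMID, NULL); }

int main(void) {
    int id; uid_t uid; unsigned mode;
    key_t key = demo_key();
    printf("probe before create: %d\n", probe_segment(key, 4096, &id));
    if ((id = create_segment(key, 4096)) < 0) { perror("shmget"); return 1; }
    if (segment_owner(id, &uid, &mode) == 0)
        printf("owner uid=%u mode=%04o (euid=%u)\n", (unsigned)uid, mode, (unsigned)geteuid());
    return remove_segment(id) == 0 ? 0 : 1;
}
```

When the lookup is denied, IPC_STAT on that segment is refused as well; `ipcs -m` lists each segment's key, owner and permissions, and `ipcrm` lets the owner or root remove a stale one.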