Hide Forgot
Description of problem: I'm about to post a patch for the kernel that add hidepid option to procfs. That option restricts access to /proc/ for security reasons. The comment of upstream commit indicates that when access to /proc/ is restricted pstree shows the subtree that contains pstree process. However, on RHEL6, pstree shows nothing. Version-Release number of selected component (if applicable): How reproducible: Allways Steps to Reproduce: 1. Install a kernel with hidpid option. You can found one at https://brewweb.devel.redhat.com/taskinfo?taskID=4002146 2. remount /proc with hidepid=1 or hidepid=2 enable mount -o remount,hidepid=1 /proc/ 3. run pstree Actual results: pstree does not display anything Expected results: pstree displays a subtree of processes which it has access to in /proc/<pid>/ Additional info:
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. If you would like it considered as an exception in the current release, please ask your support representative.
Hello Jerome. In my case the output is not empty, but it is missing accessible processes where the parents are inaccessible.
I cannot reproduce the issue either. Output not empty on RHEL6.6, 2.6.32-642.el6.x86_64.
(In reply to Jan Rybar from comment #6) > I cannot reproduce the issue either. Output not empty on RHEL6.6, > 2.6.32-642.el6.x86_64. The output is not empty, but does it contains all accessible processes? [jmarchan@virt_rhel6 ~]$ pstree init─┬─NetworkManager─┬─dhclient │ └─{NetworkManager} [...] ├─sshd─┬─sshd───sshd───bash─┬─pstree │ │ └─vi │ └─sshd───bash ├─udevd───2*[udevd] └─wpa_supplicant [jmarchan@virt_rhel6 ~]$ ps -u jmarchan PID TTY TIME CMD 2698 ? 00:00:00 sshd 2699 pts/0 00:00:01 bash 9262 pts/0 00:00:00 vi 23192 pts/0 00:00:00 ps [jmarchan@virt_rhel6 ~]$ sudo mount -o remount,hidepid=1 /proc/ [jmarchan@virt_rhel6 ~]$ pstree [jmarchan@virt_rhel6 ~]$ ps -u jmarchan PID TTY TIME CMD 2699 pts/0 00:00:01 bash 9262 pts/0 00:00:00 vi 23196 pts/0 00:00:00 ps Note that sshd disappeared from ps output too. This is because it is suid root and thus it directory in /proc/ is also inaccessible to unprivileged processes. If I run a program that forks a lot, the output is not empty anymore, yet there are still a number of process missing (see Jaromir's comment about the parent being inaccessible). [jmarchan@virt_rhel6 ~]$ ./bz1151823/fork_snake [jmarchan@virt_rhel6 ~]$ pstree ?───11*[fork_snake───fork_snake───fork_snake───fork_snake───fork_snake───fork_sn+ [jmarchan@virt_rhel6 ~]$ The changelog of upstream psmisc mention a fix regarding hidepid that landed in 22.17: "Changes in 22.17 [...] Fake pstree root for kernels with hidepid turned on"
Created attachment 1200836 [details] Proposed patch - show accessible processes if hidepid on
Created attachment 1227351 [details] Upstream backport patch, fix orphan processes
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2017-0771.html