Bug 3033

Summary: iotop binary in /usr/bin instead of /usr/sbin when it only runs as root
Product: Mageia Reporter: claire robinson <eeeemail>
Component: RPM PackagesAssignee: Thomas Backlund <tmb>
Status: RESOLVED OLD QA Contact:
Severity: normal    
Priority: Normal CC: kbergen, marja11
Version: 2   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA1TOO
Source RPM: iotop-0.4.3-1.mga1.src.rpm CVE:
Status comment:

Description claire robinson 2011-10-13 16:25:59 CEST 
Description of problem:

iotop runs fine as root but as normal user gives a python error which looks like a permissions problem to me. Tested both i586 and x86_64.

I'm not sure if this is intended behaviour, but the executable is in /usr/bin rather than sbin, so thought I'd report it to those who know!

X86_64:
-------
$ iotop
Traceback (most recent call last):
  File "/usr/bin/iotop", line 16, in <module>
    main()
  File "/usr/lib/python2.7/site-packages/iotop/ui.py", line 563, in main
    main_loop()
  File "/usr/lib/python2.7/site-packages/iotop/ui.py", line 553, in <lambda>
    main_loop = lambda: run_iotop(options)
  File "/usr/lib/python2.7/site-packages/iotop/ui.py", line 465, in run_iotop
    return curses.wrapper(run_iotop_window, options)
  File "/usr/lib64/python2.7/curses/wrapper.py", line 43, in wrapper
    return func(stdscr, *args, **kwds)
  File "/usr/lib/python2.7/site-packages/iotop/ui.py", line 457, in run_iotop_window
    process_list = ProcessList(taskstats_connection, options)
  File "/usr/lib/python2.7/site-packages/iotop/data.py", line 373, in __init__
    self.update_process_counts()
  File "/usr/lib/python2.7/site-packages/iotop/data.py", line 429, in update_process_counts
    stats = self.taskstats_connection.get_single_task_stats(thread)
  File "/usr/lib/python2.7/site-packages/iotop/data.py", line 158, in get_single_task_stats
    reply = GeNlMessage.recv(self.connection)
  File "/usr/lib/python2.7/site-packages/iotop/genetlink.py", line 50, in recv
    msg = conn.recv()
  File "/usr/lib/python2.7/site-packages/iotop/netlink.py", line 229, in recv
    raise err
OSError: Netlink error: Operation not permitted (1)


i586:
-----
$ iotop
Traceback (most recent call last):
  File "/usr/bin/iotop", line 16, in <module>
    main()
  File "/usr/lib/python2.7/site-packages/iotop/ui.py", line 563, in main
    main_loop()
  File "/usr/lib/python2.7/site-packages/iotop/ui.py", line 553, in <lambda>
    main_loop = lambda: run_iotop(options)
  File "/usr/lib/python2.7/site-packages/iotop/ui.py", line 465, in run_iotop
    return curses.wrapper(run_iotop_window, options)
  File "/usr/lib/python2.7/curses/wrapper.py", line 43, in wrapper
    return func(stdscr, *args, **kwds)
  File "/usr/lib/python2.7/site-packages/iotop/ui.py", line 457, in run_iotop_window
    process_list = ProcessList(taskstats_connection, options)
  File "/usr/lib/python2.7/site-packages/iotop/data.py", line 373, in __init__
    self.update_process_counts()
  File "/usr/lib/python2.7/site-packages/iotop/data.py", line 429, in update_process_counts
    stats = self.taskstats_connection.get_single_task_stats(thread)
  File "/usr/lib/python2.7/site-packages/iotop/data.py", line 158, in get_single_task_stats
    reply = GeNlMessage.recv(self.connection)
  File "/usr/lib/python2.7/site-packages/iotop/genetlink.py", line 50, in recv
    msg = conn.recv()
  File "/usr/lib/python2.7/site-packages/iotop/netlink.py", line 229, in recv
    raise err
OSError: Netlink error: Operation not permitted (1)


Version-Release number of selected component (if applicable):

iotop-0.4.3-1.mga1


How reproducible:

Install iotop. Run as non root user.
Comment 1 Ken Bergen 2011-10-24 08:36:19 CEST 
Verified in both Cauldron i586 and Mageia.1 i586

CC: (none) => kbergen

Comment 2 Manuel Hiebel 2011-10-24 13:30:37 CEST 
Bug assigned to the package maintainer.

Assignee: bugsquad => tmb

Comment 3 Thomas Backlund 2011-10-24 13:44:23 CEST 
That's "normal" since iotop tries to access resources only available to root.
Comment 4 claire robinson 2011-10-24 14:18:05 CEST 
Doesn't it belong in /usr/sbin in that case? The error is unhelpful.
Comment 5 Thomas Backlund 2011-10-24 14:23:36 CEST 
Indeed.

The other thing would be to fix iotop to handle the error more gratefully.
Comment 6 Ken Bergen 2011-10-27 02:31:12 CEST 
(In reply to comment #3)
> That's "normal" since iotop tries to access resources only available to root.

iotop use to run as a normal user so I'm curious as to what has changed in the way iotop and or the system works that now require access to resources only available to root.
Comment 7 Thomas Backlund 2011-10-27 09:57:04 CEST 
It requies access to taskstats, wich has been locked down to root only because of security issues as of kernel-2.6.38.8-6.mga1.

This is done in order to prevent information leak.
Comment 8 Marja Van Waes 2012-01-29 14:33:26 CET 
(In reply to comment #5)
> Indeed.
> 
> The other thing would be to fix iotop to handle the error more gratefully.

@ Thomas

Pinging, because nothing has happened with this report for more than 3 months, it still has the status NEW or REOPENED.

Please set status to ASSIGNED if you think this bug was assigned correctly. If for work flow reasons you can't do that, then please put OK on the whiteboard instead.

CC: (none) => marja11

Comment 9 Marja Van Waes 2012-07-06 15:06:19 CEST 
Please look at the bottom of this mail to see whether you're the assignee of this  bug, if you don't already know whether you are.


If you're the assignee:

We'd like to know for sure whether this bug was assigned correctly. Please change status to ASSIGNED if it is, or put OK on the whiteboard instead.

If you don't have a clue and don't see a way to find out, then please put NEEDHELP on the whiteboard.

Please assign back to Bug Squad or to the correct person to solve this bug if we were wrong to assign it to you, and explain why.

Thanks :)

**************************** 

@ the reporter and persons in the cc of this bug:

If you have any new information that wasn't given before (like this bug being valid for another version of Mageia, too, or it being solved) please tell us.

@ the reporter of this bug

If you didn't reply yet to a request for more information, please do so within two weeks from now.

Thanks all :-D
Comment 10 claire robinson 2012-07-06 15:53:52 CEST 
Seems still current.

$ urpmf iotop | grep bin
iotop:/usr/bin/iotop

Version: 1 => 2
Whiteboard: (none) => MGA1TOO

claire robinson 2012-07-06 15:54:53 CEST

Summary: iotop gives error when not run as root => iotop binary in /usr/bin instead of /usr/sbin when it only runs as root

Comment 11 Manuel Hiebel 2013-10-22 12:21:07 CEST 
This message is a reminder that Mageia 2 is nearing its end of life.
Approximately one month from now Mageia will stop maintaining and issuing updates for Mageia 2. At that time this bug will be closed as WONTFIX (EOL) if it remains open with a Mageia 'version' of '2'.

Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Mageia version prior to Mageia 2's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Mageia 2 is end of life.  If you would still like to see this bug fixed and are able to reproduce it against a later version of Mageia, you are encouraged to click on "Version" and change it against that version of Mageia.

Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Mageia release includes newer upstream software that fixes bugs or makes them obsolete.

-- 
The Mageia Bugsquad
Comment 12 claire robinson 2013-10-22 18:38:26 CEST 
Fixed in mga3 so may not be worth fixing in mga2 now?

$ iotop
Netlink error: Operation not permitted (1)
iotop requires root or the NET_ADMIN capability.
Comment 13 Manuel Hiebel 2013-11-08 19:36:31 CET 
looks no, closing

Status: NEW => RESOLVED
Resolution: (none) => OLD