Opened 3 years ago

Closed 4 days ago

#13807 closed enhancement (implemented)

Use fstat connection resolution

Reported by: mmcc Owned by: atagar
Priority: Medium Milestone:
Component: Core Tor/Stem Version:
Severity: Normal Keywords: utils, openbsd
Cc: sysfu Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When running arm 1.4.5.0 and Tor 2.5.10 on OpenBSD 5.5, connection listing with lsof fails. The console error is lsof: kvm_openfiles(execfile=/bsd, corefile=/dev/mem): Permission denied. arm is being run by the daemon user that owns the Tor process (_tor). It is unsurprising that the permission is denied, as the unprivileged daemon user is attempting to access the memory device. Additionally, lsof has to be listed as a dependency and installed separately to begin with, which is less-than-ideal.

It would probably be better to use fstat if it offers the needed functionality. It is included in the default install, runs *far* faster, and allows an unprivileged user to list their own open file descriptors (e.g. sudo -u _tor fstat -u _tor).

I saw the mention of the arm rewrite on the mailing list and thought that this would be a good time to mention this.

Thanks for reading!

Child Tickets

Change History (7)

comment:1 Changed 3 years ago by atagar

  • Component changed from arm to Stem
  • Summary changed from Arm fails to list connections on OpenBSD due to lsof permissions error to Use fstat connection resolution

Hi mmcc. I'm gonna swap this to Stem. You're right that arm is being rewritten, and one of the bits that's already moved to Stem is connection resolution...

https://stem.torproject.org/tutorials/east_of_the_sun.html#connection-resolution
https://gitweb.torproject.org/stem.git/blob/HEAD:/stem/util/connection.py

If Stem supports fstat connection resolution then the next release of arm will take advantage of it too. That said, I don't have an OpenBSD system nor am I familiar with fstat. In the past I've made VMs or got ssh access to FreeBSD and Gentoo systems to track down this sort of issue. It was painful though to say the least, and left me swearing 'never again'.

Since then I've taken a 'patches welcome' approach. Fantastic folks stepped forward to add FreeBSD sockstat/procstat support and I'd be delighted to get patches for OpenBSD fstat support too.

If you'd care to take this on then it shouldn't be too hard. I expect it would involve...

  1. Adding a new BSD_FSTAT Resolver enumeration and RESOLVER_COMMAND.
  2. Use this as the type of resolver used on OpenBSD (just need to check platform.system()).
  3. Teach Stem to parse the fstat output.
  4. Add a unit test for the resolver. Naturally feel free to tweak anything you think is private, but please try to keep it looking as close to real output as you can.

On a side note I'm a little curious if Stem's integ tests pass on your platform. I'm a little suspicious that we could improve OpenBSD support in stem.util.system which gets things like system resource usage. Not sure. OpenBSD is one of the least tested platforms for both Stem and arm. I'd love to have someone maintain Stem for OpenBSD.

Cheers! -Damian

comment:2 Changed 3 years ago by atagar

  • Keywords utils openbsd added; OpenBSD lsof fstat files permissions removed

comment:3 Changed 3 years ago by atagar

  • Type changed from defect to enhancement

comment:4 Changed 3 years ago by atagar

This ticket gave me some deja vu so did a little looking, and indeed fstat was proposed before...

https://trac.torproject.org/projects/tor/ticket/7813

Merged that with this ticket. Happy to have it as a resolver in Stem.

comment:5 Changed 2 years ago by sysfu

  • Cc sysfu added

comment:6 Changed 4 days ago by cnidaria

  • Severity set to Normal

Hi! I'm new here. The FAQ said to jump right in, so that's what I'm doing!
I added a BSD_FSTAT resolver and a corresponding unit test. Code is at https://github.com/asv-github/stem (the branch is 13807-fstat-connection-openbsd). Let me know if there's anything I should change.

As far as the integ tests go, on my OpenBSD 6.1 system, I get a number of failures in test.integ.unit.system and also a few in test.integ.interpreter. There are also a couple unit tests that fail in test.unit.manual.TestManual because OpenBSD man seems to take different flags from Linux man. I'll make a separate ticket for these issues. I'd be interested in fixing these and making sure Stem runs well on OpenBSD but may need some guidance along the way.

comment:7 Changed 4 days ago by atagar

  • Resolution set to implemented
  • Status changed from new to closed

Patch looks perfect - thanks cnidaria! I really appreciate it. :P

Love to know what's up with the test failures. If they give you much trouble feel free to shoot me the test output and I'll take a peek.

Note: See TracTickets for help on using tickets.