[DRE-maint] Bug#725313: ohai has invalid names in the "listeners" section
Simon Heath
icefoxen at gmail.com
Fri Oct 4 00:59:25 UTC 2013
Package: ohai
Version: 6.14.0-2
Severity: important
Dear Maintainer,
I just installed ohai on a debian-testing system and ran it, and noticed
that in the "listeners" section it produces junk output for the names
of the processes listening on all the ports.
This is what it produces:
----
"listeners": {
"tcp": {
"1922": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"5222": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"6502": {
"address": "127.0.0.1",
"pid": 0,
"name":
"{2})*)*(?:/(?:[\\-_.!~*'()a-zA-Z\\d:@&=+$,]|%[a-fA-F\\d]{2})*(?:;(?:[\\-_.!~*'()a-zA-Z\\d:@&=+$,]|%[a-fA-F\\d]{2})*)*)*\\z"
},
"3142": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"6600": {
"address": "::1",
"pid": 0,
"name": "gitit"
},
"139": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"783": {
"address": "127.0.0.1",
"pid": 0,
"name":
"{2})*)*(?:/(?:[\\-_.!~*'()a-zA-Z\\d:@&=+$,]|%[a-fA-F\\d]{2})*(?:;(?:[\\-_.!~*'()a-zA-Z\\d:@&=+$,]|%[a-fA-F\\d]{2})*)*)*\\z"
},
"80": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"8080": {
"address": "*",
"pid": 0,
"name":
"{2})*)*(?:/(?:[\\-_.!~*'()a-zA-Z\\d:@&=+$,]|%[a-fA-F\\d]{2})*(?:;(?:[\\-_.!~*'()a-zA-Z\\d:@&=+$,]|%[a-fA-F\\d]{2})*)*)*\\z"
},
"5269": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"22": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"8888": {
"address": "*",
"pid": 15676,
"name": "gitit"
},
"25": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"443": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"445": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"64738": {
"address": "*",
"pid": 0,
"name": "gitit"
},
"4949": {
"address": "*",
"pid": 0,
"name": "gitit"
}
}
}
----
Here is the output of "sudo iptables -lntp" which shows the real names
of the running processes:
----
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:1922 0.0.0.0:* LISTEN 4001/sshd
tcp 0 0 0.0.0.0:5222 0.0.0.0:* LISTEN 28163/lua5.1
tcp 0 0 127.0.0.1:6502 0.0.0.0:* LISTEN 4045/murmurd
tcp 0 0 0.0.0.0:3142 0.0.0.0:* LISTEN 3128/apt-cacher-ng
tcp 0 0 127.0.0.1:6600 0.0.0.0:* LISTEN 3753/mpd
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 18724/smbd
tcp 0 0 127.0.0.1:783 0.0.0.0:* LISTEN 4108/spamd.pid
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 22206/lighttpd
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 3127/icecast2
tcp 0 0 0.0.0.0:5269 0.0.0.0:* LISTEN 28163/lua5.1
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 4001/sshd
tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 15676/gitit
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 4213/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 22206/lighttpd
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 18724/smbd
tcp6 0 0 :::64738 :::* LISTEN 4045/murmurd
tcp6 0 0 :::1922 :::* LISTEN 4001/sshd
tcp6 0 0 :::5222 :::* LISTEN 28163/lua5.1
tcp6 0 0 :::3142 :::* LISTEN 3128/apt-cacher-ng
tcp6 0 0 ::1:6600 :::* LISTEN 3753/mpd
tcp6 0 0 :::139 :::* LISTEN 18724/smbd
tcp6 0 0 :::80 :::* LISTEN 22206/lighttpd
tcp6 0 0 :::5269 :::* LISTEN 28163/lua5.1
tcp6 0 0 :::4949 :::* LISTEN 3179/perl
tcp6 0 0 :::22 :::* LISTEN 4001/sshd
tcp6 0 0 :::25 :::* LISTEN 4213/master
tcp6 0 0 :::443 :::* LISTEN 22206/lighttpd
tcp6 0 0 :::445 :::* LISTEN 18724/smbd
----
Shutting down the 'gitit' service results in it giving the
"{2})*)*(?:/(?:[\\-_.!~*'()a-zA-Z\\d:@&=+$,]|%[a-fA-F\\d]{2})*(?:;(?:[\\-_.!~*'()a-zA-Z\\d:@&=+$,]|%[a-fA-F\\d]{2})*)*)*\\z"
regexp for every service name.
Upon reflection, this is because the user running ohai is not
privilieged enough to get the processes of listening servers, and
running ohai as the root user gives all the right process names
for the various listeners. "gitit" was running as the same user
as ohai, so it could get that process name. That does not explain
why it listed "gitit" as the process name for a pile of different
listening ports which had nothing to do with it though.
Surely when ohai gets no process name for a listener it should
degrade in a more graceful way than spewing a regexp. And it
CERTAINLY should not give a random process name in place of one
it cannot determine.
Thank you,
Simon Heath
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.9-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages ohai depends on:
ii ruby-ipaddress 0.8.0-1
ii ruby-mixlib-cli 1.2.2-2
ii ruby-mixlib-config 1.1.2-3
ii ruby-mixlib-log 1.4.1-1
ii ruby-sigar 0.7.2-1
ii ruby-systemu 2.5.1-1
ii ruby-yajl 1.1.0-2
ii ruby1.8 [ruby-interpreter] 1.8.7.358-7
ii ruby1.9.1 [ruby-interpreter] 1.9.3.194-8.1+b1
ohai recommends no packages.
ohai suggests no packages.
-- no debconf information
More information about the Pkg-ruby-extras-maintainers
mailing list