Monthly Archives: February 2010

Getting untruncated command line options passed to a Solaris process

Posted by Praveen Kumar on February 24, 2010 No comments

If you have ever wanted to get the command line options that were passed to a running Solaris process, you might have noticed that the output of command line arguments from ps is truncated to 80 characters. Looking into /usr/include/sys/procfs.h will reveal the reason why! This is because of the restriction in struct psinfo. Here are the relevant fields from the definition of struct psinfo.

#define	PRFNSZ		16	/* Maximum size of execed filename */
#define	PRARGSZ		80	/* number of chars of arguments */
 
typedef struct psinfo {
         /* Fields omitted */
         char pr_fname[PRFNSZ];    /* name of exec'ed file */
         char pr_psargs[PRARGSZ];  /* initial characters of arg list */
         /* Fields omitted */
} psinfo_t;

So, due to the 80 characters restriction in psinfo::pr_psargs, the kernel will not be keeping track of arguments beyond the limit. Now, the only way to get the information is from the process’ memory of argv. In order to do this, you should have access to read the processes’ memory. This is the trick employed by both pargs and BSD version of ps with -ww switch.

To get the full length command line arguments passed to a process, you can do one of the following.

$ /usr/ucb/ps eww <pid>
$ pargs -l <pid>

One catch here is that, if the process has modified the argv since it was started, the output reported by both ps and pargs will show the modified data and not the initial arguments that were passed in. However, modifying argv within a program is not a standard practice and hence the chance of encountering such a scenario is remote.

Dumping core file from set-UID, set-GID ‘ed processes in Solaris

Posted by Praveen Kumar on February 23, 2010 No comments

I had a previous post on how to turn on core files for set-UID, set-GID processes under Linux. Recently we ran into the same problem on Solaris. To turn on core files for set-id processes, use coreadm.

$ pfexec coreadm -e global-setid

Please keep in mind that these core files can have information that non-privileged user isn’t supposed to know. Quoting from Solaris man page:

     A process that is or ever has been setuid  or  setgid  since
     its  last  exec(2)  presents  security issues that relate to
     dumping  core.  Similarly,  a  process  that  initially  had
     superuser  privileges  and  lost  those  privileges  through
     setuid(2) also presents security issues that are related  to
     dumping core. A process of either type can contain sensitive
     information in  its  address  space  to  which  the  current
     nonprivileged  owner  of the process should not have access.
     If setid core files are enabled, they are created  mode  600
     and owned by the superuser.

Random links for week 7

Posted by Praveen Kumar on February 20, 2010 No comments
  • Last week, I filed my 2009 Federal and State taxes through TurboTax. I found a promotion from Fidelity that offered 25% discount on all TurboTax products. If you are a TurboTax user, you can take advantage of it. You need not be a Fidelity customer to use this promotion. This is not a recommendation or endorsement for TurboTax. Take the discount if you are an existing user or you decided to try TurboTax.
  • Last weekend, I went to Mt.Rose for skiing with Luke Hornof. This was second ski trip. The first one was Sierra at Tahoe. Mt.Rose was a smaller resort compared to Sierra. However, I liked it much better for the experience that I had. The lift lines were smaller and the people were much friendlier. The ski rental shop people were very helpful and paid good attention in getting the right equipment and settings. The ski instructor Scott was one of the most knowledgeable ski instructor and was an excellent skier! Overall, it was a very positive experience and I will go there again. I am also planning to take a bunch of private lessons from Scott.
  • During the ski trip, we stayed at Carson City. It was a small city, not so busy! The people were cool and very nice. Luke and I were hoping around bars, pool clubs and hookah lounges on a quest with a hypothetical question and it was fun. I liked this place. But, I am not sure if I will visit this one again.

Chainloading OpenSolaris from GRUB 2

Posted by Praveen Kumar on February 20, 2010 No comments

I have a triple boot system with OpenSolaris, Ubuntu 9.10 and Microsoft Windows XP. I upgraded my Ubuntu 9.10 GRUB to GRUB 2 today. GRUB2 automatically added an entry for Microsoft Windows XP. However, it didn’t detect the OpenSolaris that was installed. I had to manually configure OpenSolaris chainloading in GRUB 2. If you are in a similar situation, this will be helpful for you to configure your GRUB 2.

Find your OpenSolaris partition.

$ sudo fdisk -l
 
Disk /dev/sda: 320.1 GB, 320072933376 bytes
255 heads, 63 sectors/track, 38913 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x00099420
 
   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1       12158    97659103+   7  HPFS/NTFS
/dev/sda2   *       12159       24314    97643070   bf  Solaris
/dev/sda3           24317       38913   117250402+   f  W95 Ext'd (LBA)
/dev/sda5           24317       38297   112302351   83  Linux
/dev/sda6           38298       38913     4947988+  82  Linux swap / Solaris

In my case, it is /dev/sda2. Once you have found it, edit /etc/grub.d/40_custom and add the following entry for OpenSolaris. A key difference between GRUB and GRUB 2 is the device numbering. In GRUB, sda2 is (hd0,1). However, in GRUB 2, sda2 is (hd0,2). Keep this in mind when you are configuring your GRUB 2.

# Chainload OpenSolaris GRUB.
menuentry "Chainload OpenSolaris GRUB" {
    set root=(hd0,2)
    chainloader +1
}

Now your /etc/grub.d/40_custom should look like the following.

#!/bin/sh
exec tail -n +3 $0
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.
 
# Chainload OpenSolaris GRUB.
menuentry "Chainload OpenSolaris GRUB" {
    set root=(hd0,2)
    chainloader +1
}

Then run update-grub to regenerate /boot/grub/grub.cfg.

$ sudo update-grub
Generating grub.cfg ...
Found linux image: /boot/vmlinuz-2.6.31-19-generic
Found initrd image: /boot/initrd.img-2.6.31-19-generic
Found memtest86+ image: /boot/memtest86+.bin
Found Microsoft Windows XP Professional on /dev/sda1
done

You will not find anything about OpenSolaris in the output message. However, you can examine /boot/grub/grub.cfg to find if an entry is added for OpenSolaris.

$ tail -10 /boot/grub/grub.cfg 
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.
 
# Chainload OpenSolaris GRUB.
menuentry "Chainload OpenSolaris GRUB" {
    set root=(hd0,2)
    chainloader +1
}
### END /etc/grub.d/40_custom ###

Enabling virtual consoles in OpenSolaris

Posted by Praveen Kumar on February 19, 2010 1 comment

OpenSolaris was lacking virtual console for a while. This support was made available since build snv_124. However, due to various bugs, it is turned off by default. To enable virtual consoles, do the following.

$ pfexec svcadm enable vtdaemon
$ pfexec svcadm enable console-login:vt2
$ pfexec svcadm enable console-login:vt3
$ pfexec svcadm enable console-login:vt4
$ pfexec svcadm enable console-login:vt5
$ pfexec svcadm enable console-login:vt6

To enable hot keys for switching virtual consoles, do the following.

$ pfexec svccfg -s vtdaemon setprop options/hotkeys=true
$ pfexec svcadm refresh vtdaemon
$ pfexec svcadm restart vtdaemon

Console security is enabled by default. What it means is that if you leave a virtual console and move to another one, the previous virtual console will be locked and you will have to provide the password to unlock it. If you don’t like that, turn the security off.

$ pfexec svccfg -s vtdaemon setprop options/secure=false
$ pfexec svcadm refresh vtdaemon
$ pfexec svcadm restart vtdaemon

If you have already logged into an X session while doing this, logout and wait for Xorg to restart. After that, you should be able to switch between the virtual consoles by pressing the hotkey Alt + Ctrl + F#, where # => 1 to 7. Console 1 is the primary console, 2-6 are virtual consoles and 7 is the Xorg.