[SLUG] non-root users cant use network

380 views
Skip to first unread message

Chris Barnes

unread,
Aug 28, 2011, 11:06:34 PM8/28/11
to sl...@slug.org.au
Hi everyone,

I'm fairly new to the list.

I've got what I would consider an interesting issue with a little
netbook I've been playing around with.

basically regular users cannot make any outbound network connections.

for example:

cpbarnes@netbook:~$ ping 127.0.0.1
socket: Permission denied


and

cpbarnes@netbook:~$ wget http://127.0.0.1/
Connecting to 127.0.0.1:80... failed: Permission denied.


doing the same as root works.

Interestingly when i do:

root@netbook:~# /sbin/ifconfig

i can see the loopback interface AND its ip address 127.0.0.1


however as a regular user i get:

"warning: no inet socket available: no such file or directory"

i can see the loopback interface but there is no ip address.


heres a little background.
The netbook features an ARM processor, 128meg RAM, and the main
storage is a USB thumb drive wired straight on to the mainboard.
It came pre-loaded with Windows CE 6 however, as stunning and feature
rich as it was, i got my hands on the vendors linux install for the
netbook and installed that.

The vendors Linux install is Debian based, ive got 2 varients, Debian
5 and Debian 6. Both present the same problem. I've tried updating the
installed packages but the problem persists.

The Linux kernel supplied appears to be a customised 2.6 and pretty
much all the modules are compiled in.

ive done a stack of searching on the interwebs. a lot of people talk
about needing to setuid on the ping bin, but this is already done

root@netbook:~# ls -l /bin/ping
-rwsr-xr-x 1 root root 34984 oct 14 2010 /bin/ping


and besides, its not just ping that isnt working.

i get this problem with the loopback interface, with the ethernet
interface, and with the wireless interface.


/sbin/route shows no entries, not even locally connected networks but
even after adding one problem persists.

e.g.
route add -net 127.0.0.0/8 lo


some people have also suggested ip tables could be the problem but as
far as I can tell no rules are installed. it doesnt even look like
iptables support is compiled into the kernel

root@netbook:~# /sbin/iptables -L
iptables v1.4.8: can't initialize iptables table `filter`: iptables
who? (do you need insmod?)
Perhaps iptables or your kernel needs to be upgraded.


I've never seen a problem like this. Does anyone have any ideas or
suggestions on what to look for or what to try next?

Thanks or your time.

--

Kind Regards,

Christopher Barnes

e. chris.p...@gmail.com
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html

Nick Andrew

unread,
Aug 28, 2011, 11:46:39 PM8/28/11
to Chris Barnes, sl...@slug.org.au
On Mon, Aug 29, 2011 at 01:06:34PM +1000, Chris Barnes wrote:
> cpbarnes@netbook:~$ ping 127.0.0.1
> socket: Permission denied
> cpbarnes@netbook:~$ wget http://127.0.0.1/
> Connecting to 127.0.0.1:80... failed: Permission denied.

Interesting.

Try "strace wget http://127.0.0.1/" and see which system calls are failing.

My guess is bad permissions on /dev, /sys or /proc. Backup guesses are:
something to do with selinux, out of memory, bad capabilities, or some
important module not loaded!

Nick.

Chris Barnes

unread,
Aug 29, 2011, 6:52:42 AM8/29/11
to Nick Andrew, sl...@slug.org.au
i checked strace already but it doesnt appear to tell me much. see below.

i ran chmod -R 777 over /proc /sys and /dev
same problem.

as for SELinux, i couldnt find any selinux configs and according to ls
-Z none of the files are labelled so it looks like its not running,
however ive rebooted with selinux=0 and enforcing=0 as kernel args on
the boot line. problem persists.

as Flanders would say "as melon scratchers go, that's a honey doodle" :)


cpbarnes@netbook:~$ strace -o strace_wget.txt wget -t 1 http://127.0.0.1

execve("/usr/bin/wget", ["wget", "-t", "1", "http://127.0.0.1"], [/*
13 vars */]) = 0
brk(0)                                  = 0x68000
uname({sys="Linux", node="netbook", ...}) = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x4001d000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=31752, ...}) = 0
mmap2(NULL, 31752, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40026000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libssl.so.0.9.8", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0`\335\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=270772, ...}) = 0
mmap2(NULL, 302164, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x4002e000
mprotect(0x4006d000, 28672, PROT_NONE)  = 0
mmap2(0x40074000, 16384, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3e) = 0x40074000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libcrypto.so.0.9.8", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\24Y\4\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=1247604, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x4001e000
mmap2(NULL, 1291440, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
3, 0) = 0x40078000
mprotect(0x40193000, 32768, PROT_NONE)  = 0
mmap2(0x4019b000, 90112, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11b) = 0x4019b000
mmap2(0x401b1000, 9392, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x401b1000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/libdl.so.2", O_RDONLY)       = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0$\t\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=9808, ...}) = 0
mmap2(NULL, 41136, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x401b4000
mprotect(0x401b6000, 28672, PROT_NONE)  = 0
mmap2(0x401bd000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1) = 0x401bd000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/librt.so.1", O_RDONLY)       = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\300\26\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=26632, ...}) = 0
mmap2(NULL, 57876, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x401bf000
mprotect(0x401c5000, 28672, PROT_NONE)  = 0
mmap2(0x401cc000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5) = 0x401cc000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/libgcc_s.so.1", O_RDONLY)    = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\4-\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=47212, ...}) = 0
mmap2(NULL, 78548, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x401ce000
mprotect(0x401da000, 28672, PROT_NONE)  = 0
mmap2(0x401e1000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb) = 0x401e1000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\314V\1\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1205684, ...}) = 0
mmap2(NULL, 1242372, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
3, 0) = 0x401e2000
mprotect(0x40305000, 28672, PROT_NONE)  = 0
mmap2(0x4030c000, 12288, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x122) = 0x4030c000
mmap2(0x4030f000, 9476, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4030f000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/usr/lib/libz.so.1", O_RDONLY)    = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0
\27\0\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=82124, ...}) = 0
mmap2(NULL, 113452, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x40312000
mprotect(0x40326000, 28672, PROT_NONE)  = 0
mmap2(0x4032d000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x13) = 0x4032d000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/libpthread.so.0", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\fD\0\0004\0\0\0"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=120505, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x4001f000
mmap2(NULL, 127508, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3,
0) = 0x4032e000
mprotect(0x40343000, 28672, PROT_NONE)  = 0
mmap2(0x4034a000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14) = 0x4034a000
mmap2(0x4034c000, 4628, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4034c000
close(3)                                = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40020000
set_tls(0x4001fd30, 0x40020407, 0x40020408, 0x4001fd30, 0x40025000) = 0
mprotect(0x4034a000, 4096, PROT_READ)   = 0
mprotect(0x4030c000, 8192, PROT_READ)   = 0
mprotect(0x401cc000, 4096, PROT_READ)   = 0
mprotect(0x401bd000, 4096, PROT_READ)   = 0
mprotect(0x40024000, 4096, PROT_READ)   = 0
munmap(0x40026000, 31752)               = 0
set_tid_address(0x4001f8d8)             = 1087
set_robust_list(0x4001f8e0, 0xc)        = 0
futex(0xbe890844, FUTEX_WAKE_PRIVATE, 1) = 0
futex(0xbe890844, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1,
NULL, 4034b000) = -1 EAGAIN (Resource temporarily unavailable)
rt_sigaction(SIGRTMIN, {0x40332314, [], SA_SIGINFO|0x4000000}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x403321a8, [],
SA_RESTART|SA_SIGINFO|0x4000000}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
brk(0)                                  = 0x68000
brk(0x89000)                            = 0x89000
stat64("/etc/wgetrc", {st_mode=S_IFREG|0644, st_size=4496, ...}) = 0
open("/etc/wgetrc", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=4496, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40021000
read(3, "###\n### Sample Wget initializati"..., 4096) = 4096
read(3, "nks = on having been specified),"..., 4096) = 400
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x40021000, 4096)                = 0
stat64("/home/cpbarnes/.wgetrc", 0xbe8905f0) = -1 ENOENT (No such file
or directory)
ioctl(2, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(2, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
rt_sigaction(SIGHUP, {SIG_IGN, [HUP], SA_RESTART|0x4000000}, {SIG_DFL,
[], 0}, 8) = 0
rt_sigaction(SIGHUP, {0x25524, [HUP], SA_RESTART|0x4000000}, {SIG_IGN,
[HUP], SA_RESTART|0x4000000}, 8) = 0
rt_sigaction(SIGUSR1, {0x25524, [USR1], SA_RESTART|0x4000000},
{SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTART|0x4000000},
{SIG_DFL, [], 0}, 8) = 0
rt_sigaction(SIGWINCH, {0x2616c, [WINCH], SA_RESTART|0x4000000},
{SIG_DFL, [], 0}, 8) = 0
stat64("index.html", 0xbe890300)        = -1 ENOENT (No such file or directory)
stat64("index.html", 0xbe890360)        = -1 ENOENT (No such file or directory)
stat64("index.html", 0xbe890300)        = -1 ENOENT (No such file or directory)
gettimeofday({1314647403, 902610}, NULL) = 0
open("/etc/localtime", O_RDONLY)        = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=2102, ...}) = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=2102, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40021000
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0\0\0\0"...,
4096) = 2102
_llseek(3, -28, [2074], SEEK_CUR)       = 0
read(3, "\nCET-1CEST,M3.5.0,M10.5.0/3\n", 4096) = 28
close(3)                                = 0
munmap(0x40021000, 4096)                = 0
write(2, "--2011-08-29 21:50:03--  http://"..., 43) = 43
stat64("/home/cpbarnes/.netrc", 0xbe8900f8) = -1 ENOENT (No such file
or directory)
<-------- BEGIN INTERESTING SECTION -------->
socket(PF_NETLINK, SOCK_RAW, 0)         = 3
bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, pid=1087, groups=00000000}, [12]) = 0
gettimeofday({1314647403, 949348}, NULL) = 0
sendto(3, "\24\0\0\0\26\0\1\3k\355[N\0\0\0\0\0\0\0\0", 20, 0,
{sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0,
groups=00000000},
msg_iov(1)=[{"0\0\0\0\24\0\2\0k\355[N?\4\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1"...,
4096}], msg_controllen=0, msg_flags=0}, 0) = 48
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0,
groups=00000000},
msg_iov(1)=[{"\24\0\0\0\3\0\2\0k\355[N?\4\0\0\0\0\0\0\1\0\0\0\10\0\1\0\177\0\0\1"...,
4096}], msg_controllen=0, msg_flags=0}, 0) = 20
close(3)                                = 0
write(2, "Connecting to 127.0.0.1:80... ", 30) = 30
socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = -1 EACCES (Permission denied)
write(2, "failed: Permission denied.\n", 27) = 27
<-------- END INTERESTING SECTION -------->
gettimeofday({1314647403, 986997}, NULL) = 0
stat64("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2102, ...}) = 0
write(2, "Giving up.\n\n", 12)          = 12
close(2)                                = 0
exit_group(4)                           = ?

On Mon, Aug 29, 2011 at 1:46 PM, Nick Andrew <ni...@nick-andrew.net> wrote:
> On Mon, Aug 29, 2011 at 01:06:34PM +1000, Chris Barnes wrote:
>> cpbarnes@netbook:~$ ping 127.0.0.1
>> socket: Permission denied
>> cpbarnes@netbook:~$ wget http://127.0.0.1/
>> Connecting to 127.0.0.1:80... failed: Permission denied.
>
> Interesting.
>
> Try "strace wget http://127.0.0.1/" and see which system calls are failing.
>
> My guess is bad permissions on /dev, /sys or /proc. Backup guesses are:
> something to do with selinux, out of memory, bad capabilities, or some
> important module not loaded!
>
> Nick.
>
>

--
Kind Regards,

Christopher Barnes

e. chris.p...@gmail.com

Mark Walkom

unread,
Aug 29, 2011, 7:17:56 AM8/29/11
to sl...@slug.org.au
Here's my strace, I just cut the parts around where you highlighted to save
on the wall of text;
stat64("/home/mark/.netrc", 0xbff3cb44) = -1 ENOENT (No such file or
directory)

socket(PF_NETLINK, SOCK_RAW, 0) = 3
bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0
getsockname(3, {sa_family=AF_NETLINK, pid=3489, groups=00000000}, [12]) = 0
time(NULL) = 1314616478
sendto(3, "\24\0\0\0\26\0\1\3\236t[N\0\0\0\0\0\0\0\0", 20, 0,

{sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
msg_iov(1)=[{"0\0\0\0\24\0\2\0\236t[N\241\r\0\0\2\10\200\376\1\0\0\0\10\0\1\0\177\0\0\1"...,
4096}], msg_controllen=0, msg_flags=0}, 0) = 160

recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
msg_iov(1)=[{"@\0\0\0\24\0\2\0\236t[N\241\r\0\0\n\200\200\376\1\0\0\0\24\0\1\0\0\0\0\0"...,
4096}], msg_controllen=0, msg_flags=0}, 0) = 128

recvmsg(3, {msg_name(12)={sa_family=AF_NETLINK, pid=0, groups=00000000},
msg_iov(1)=[{"\24\0\0\0\3\0\2\0\236t[N\241\r\0\0\0\0\0\0\1\0\0\0\24\0\1\0\0\0\0\0"...,

4096}], msg_controllen=0, msg_flags=0}, 0) = 20
close(3) = 0
open("/usr/share/locale/en_AU.utf8/LC_MESSAGES/wget.mo", O_RDONLY) = -1

ENOENT (No such file or directory)
open("/usr/share/locale/en_AU/LC_MESSAGES/wget.mo", O_RDONLY) = -1 ENOENT

(No such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/wget.mo", O_RDONLY) = -1 ENOENT

(No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/wget.mo", O_RDONLY) = -1 ENOENT (No
such file or directory)
open("/usr/share/locale-langpack/en_AU.utf8/LC_MESSAGES/wget.mo", O_RDONLY)

= -1 ENOENT (No such file or directory)
open("/usr/share/locale-langpack/en_AU/LC_MESSAGES/wget.mo", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=15587, ...}) = 0
mmap2(NULL, 15587, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb745f000
close(3) = 0
open("/usr/share/locale-langpack/en.utf8/LC_MESSAGES/wget.mo", O_RDONLY) =

-1 ENOENT (No such file or directory)
open("/usr/share/locale-langpack/en/LC_MESSAGES/wget.mo", O_RDONLY) = -1

ENOENT (No such file or directory)
write(2, "Connecting to 127.0.0.1:80... ", 30Connecting to 127.0.0.1:80... )
= 30

Maybe check your locales?

Chris Barnes

unread,
Aug 29, 2011, 9:40:10 AM8/29/11
to Mark Walkom, sl...@slug.org.au
Wasnt too sure what to check when it came to locales.

echo ${LANG} returned blank so I set LANG=en_AU.iso88591

didnt make any difference to wget or what strace shows when running wget.

but interestingly i ran strace with ifconfig and that shows a few
interesting bits. not quite sure what it means at this stage.


<SNIP>
open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = -1


ENOENT (No such file or directory)

open("/usr/share/locale/locale.alias", O_RDONLY) = -1 ENOENT (No such
file or directory)
open("/usr/lib/locale/en_AU.iso88591/LC_IDENTIFICATION", O_RDONLY) =


-1 ENOENT (No such file or directory)

open("/usr/lib/locale/en_AU/LC_IDENTIFICATION", O_RDONLY) = -1 ENOENT


(No such file or directory)

open("/usr/lib/locale/en.iso88591/LC_IDENTIFICATION", O_RDONLY) = -1


ENOENT (No such file or directory)

open("/usr/lib/locale/en/LC_IDENTIFICATION", O_RDONLY) = -1 ENOENT (No
such file or directory)


uname({sys="Linux", node="netbook", ...}) = 0

access("/proc/net", R_OK) = 0
access("/proc/net/unix", R_OK) = 0
socket(PF_FILE, SOCK_DGRAM, 0) = 3
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = -1 EACCES (Permission denied)
access("/proc/net/if_inet6", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/ax25", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/nr", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/rose", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/ipx", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/appletalk", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/sys/net/econet", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/sys/net/ash", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/x25", R_OK) = -1 ENOENT (No such file or directory)
open("/proc/net/dev", O_RDONLY) = 4
fstat64(4, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0


mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40020000

read(4, "Inter-| Receive "..., 1024) = 692
read(4, "", 1024) = 0
close(4) = 0
munmap(0x40020000, 4096) = 0
write(2, "warning: no inet socket availabl"..., 61) = 61
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = -1 EACCES (Permission denied)
access("/proc/net/if_inet6", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/ax25", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/nr", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/rose", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/ipx", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/appletalk", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/sys/net/econet", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/sys/net/ash", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/x25", R_OK) = -1 ENOENT (No such file or directory)
ioctl(3, SIOCGIFCONF, {64, {{"lo", {AF_INET, inet_addr("127.0.0.1")}},
{"eth2", {AF_INET, inet_addr("10.42.43.55")}}}}) = 0
</SNIP>

The bit of particular interest to me is that the last line shows the
ip address of the interfaces lo and eth2 and yet outside of strace
this appears to be the only piece of information ifconfig doesnt
display to regular users.


and this is strace of ifconfig run as root

unlike the strace run as the regular user this strace didnt show any
lines like the first 6 above relating to locale files.

<SNIP>


uname({sys="Linux", node="netbook", ...}) = 0

access("/proc/net", R_OK) = 0
access("/proc/net/unix", R_OK) = 0
socket(PF_FILE, SOCK_DGRAM, 0) = 3
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
access("/proc/net/if_inet6", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/ax25", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/nr", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/rose", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/ipx", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/appletalk", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/sys/net/econet", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/sys/net/ash", R_OK) = -1 ENOENT (No such file or directory)
access("/proc/net/x25", R_OK) = -1 ENOENT (No such file or directory)
open("/proc/net/dev", O_RDONLY) = 5
fstat64(5, {st_mode=S_IFREG|0777, st_size=0, ...}) = 0


mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x40020000

read(5, "Inter-| Receive "..., 1024) = 692
read(5, "", 1024) = 0
close(5) = 0
munmap(0x40020000, 4096) = 0
ioctl(4, SIOCGIFCONF, {64, {{"lo", {AF_INET, inet_addr("127.0.0.1")}},
{"eth2", {AF_INET, inet_addr("10.42.43.55")}}}}) = 0
</SNIP>

so i does kinda look like a locale problem i guess.

--
Kind Regards,

Christopher Barnes
Microsoft Certified Systems Engineer
Microsoft Certified IT Professional

e. chris.p...@gmail.com

pe...@chubb.wattle.id.au

unread,
Aug 29, 2011, 7:11:21 PM8/29/11
to Chris Barnes, sl...@slug.org.au

It's nothing to do with locales.

This line:

socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = -1 EACCES (Permission denied)

is your problem.

My guess is you're using an android derived kernel, and you have
CONFIG_ANDROID_PARANOID_NETWORK set. In this case you need to create
a group called aid_inet and add yourself (and any other users wanting
to use the network) to that group:

As root:
groupadd -g 3003 aid_inet
usermod -G aid_inet your_login_name

See http://elinux.org/Android_Security#Paranoid_network-ing

y

Chris Barnes

unread,
Aug 29, 2011, 7:17:20 PM8/29/11
to pe...@chubb.wattle.id.au, sl...@slug.org.au
Hi Peter,

You're absolutely right. I was tired as hell when i posted the email
last night and realised this morning in the shower the real error was
the one you pointed out.

I think you're right about it being an Android derived kernel as the
installers provided by the Netbook manufacturer for the Debian system
and the Android system both contain the same customised kernel.

I'll do what you suggested shortly and let you know how it goes.


On Tue, Aug 30, 2011 at 9:11 AM, <pe...@chubb.wattle.id.au> wrote:
>
> It's nothing to do with locales.
>
> This line:
>
> socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = -1 EACCES (Permission denied)
>
> is your problem.
>
> My guess is you're using an android derived kernel, and you have
> CONFIG_ANDROID_PARANOID_NETWORK set.  In this case you need to create
> a group called aid_inet and add yourself (and any other users wanting
> to use the network) to that group:
>
> As root:
>  groupadd -g 3003 aid_inet
>  usermod -G aid_inet your_login_name
>
> See http://elinux.org/Android_Security#Paranoid_network-ing
>
> y
>
>

--
Kind Regards,

Christopher Barnes
Microsoft Certified Systems Engineer
Microsoft Certified IT Professional

e. chris.p...@gmail.com

Nick Andrew

unread,
Aug 29, 2011, 6:57:50 PM8/29/11
to Chris Barnes, sl...@slug.org.au
Your problem is here:

On Mon, Aug 29, 2011 at 08:52:42PM +1000, Chris Barnes wrote:
> socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = -1 EACCES (Permission denied)
> write(2, "failed: Permission denied.\n", 27) = 27
> <-------- END INTERESTING SECTION -------->

My wget trace here shows:

socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
write(2, "connected.\n", 11) = 11

Your problem is definitely in the kernel, and not locales (which is just
message printing). But just why the kernel is refusing to create a TCP
socket for you is a mystery.

Can you send the contents of /proc/net/dev please.

Is there a way you can find out what kernel capabilities your process has?

Nick.
--
PGP Key ID = 0x418487E7 http://www.nick-andrew.net/
PGP Key fingerprint = B3ED 6894 8E49 1770 C24A 67E3 6266 6EB9 4184 87E7

Chris Barnes

unread,
Aug 29, 2011, 11:15:30 PM8/29/11
to Nick Andrew, sl...@slug.org.au
Problem resolved.

but for your amusement heres some info about the netbook and processor.

It features a WonderMedia 8505 SOC which is an ARM926EJ-S rev 5
compatible proc. 174.48bogomips, features swp, half, thumb, fastmult,
edsp, java

>From what I understand the thumb and java features mean it can execute
native ARM and Java bytecode.

Its got a whole 128Megs of ram, or more like 100megs usable after the
kernel and everything is loaded. It'll start to swap when using
Aptitude :)

its got 2gig nand flash as internal storage which is presented to the
system as a usb disk...so booting is nice and fast - "/dev/sda2
rootdelay=7" :|

built-in fastethernet and b/g wifi


Thanks again for your help.

On Tue, Aug 30, 2011 at 8:57 AM, Nick Andrew <ni...@nick-andrew.net> wrote:
> Your problem is here:
>
> On Mon, Aug 29, 2011 at 08:52:42PM +1000, Chris Barnes wrote:
>> socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = -1 EACCES (Permission denied)
>> write(2, "failed: Permission denied.\n", 27) = 27
>>     <--------    END INTERESTING SECTION    -------->
>
> My wget trace here shows:
>
>        socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
>        connect(3, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
>        write(2, "connected.\n", 11)            = 11
>
> Your problem is definitely in the kernel, and not locales (which is just
> message printing). But just why the kernel is refusing to create a TCP
> socket for you is a mystery.
>
> Can you send the contents of /proc/net/dev please.
>
> Is there a way you can find out what kernel capabilities your process has?
>
> Nick.
> --
> PGP Key ID = 0x418487E7                      http://www.nick-andrew.net/
> PGP Key fingerprint = B3ED 6894 8E49 1770 C24A  67E3 6266 6EB9 4184 87E7
>

--
Kind Regards,

Christopher Barnes
Microsoft Certified Systems Engineer
Microsoft Certified IT Professional

e. chris.p...@gmail.com

endle...@gmail.com

unread,
May 7, 2018, 2:29:55 AM5/7/18
to Sydney Linux Users' Group
it works like a charm, my head is blowing up these days, and finally i found this

在 2011年8月30日星期二 UTC+8上午7:11:21,pe...@chubb.wattle.id.au写道:
Reply all
Reply to author
Forward
0 new messages