jwp@larry.sal.wisc.edu (Jeffrey W Percival) (08/25/89)
We have a flock of Ultrix vaxes and workstations, and I like to have a few "xload" displays on my workstation screen. I do a "rsh foo xload ..." for each CPU I want to look at. Most work fine, but one comes back with "restricted operation on file system". What causes this message, and how do I fix it? -- Jeff Percival (jwp@larry.sal.wisc.edu)
klee@gilroy.pa.dec.com (Ken Lee) (08/26/89)
In article <714@larry.sal.wisc.edu>, jwp@larry.sal.wisc.edu (Jeffrey W Percival) writes: > We have a flock of Ultrix vaxes and workstations, and I > like to have a few "xload" displays on my workstation > screen. I do a "rsh foo xload ..." for each CPU I want to look at. > Most work fine, but one comes back with "restricted operation > on file system". > > What causes this message, and how do I fix it? From the xload man page: The xload command requires the ability to open and read /dev/kmem. On most systems, this requires the suid bit set with root ownership or the sgid bit set and membership in the same group as /dev/kmem. A not especially secure alternative is to make /dev/kmem world readable. Ken Lee DEC Western Software Laboratory, Palo Alto, Calif. Internet: klee@decwrl.dec.com uucp: uunet!decwrl!klee
kennish@janus.Berkeley.EDU (Ken A. Nishimura) (08/26/89)
In article <714@larry.sal.wisc.edu> jwp@larry.sal.wisc.edu (Jeffrey W Percival) writes: >We have a flock of Ultrix vaxes and workstations, and I >like to have a few "xload" displays on my workstation >screen. I do a "rsh foo xload ..." for each CPU I want to look at. >Most work fine, but one comes back with "restricted operation >on file system". > >What causes this message, and how do I fix it? >-- xload reads /dev/kmem to get the load average figures. On many machines, /dev/kmem is not readable by the average user for security reasons. As such, xload is usually setgid "kmem" and /dev/kmem is chgrp'ed to kmem and made group readable. Now, if the xload binary is NFS mounted and the nosuid flag is set, then you will get the above message. Also, if anyone other than root mounts a filesystem, the nosuid flag is automatically set. -ken