Prevent users from seeing commands executed by others #41

Closed
opened 2024-11-08 01:04:04 +01:00 by Benjamin_Loison · 21 comments

For instance, a `matrix-commander` message can easily be seen by others, as it takes time; see [Benjamin-Loison/matrix-commander/issues/16](https://github.com/Benjamin-Loison/matrix-commander/issues/16).
Author
Owner

DuckDuckGo and Google search *Linux users to see commands executed by others*.
Author
Owner

Issue raised in the Unix Stack Exchange questions [454807](https://unix.stackexchange.com/q/454807) and [17164](https://unix.stackexchange.com/q/17164).
Author
Owner

```bash
mount /proc -o remount,hidepid=2
```

does not return anything but seems to work as wanted.

```bash
mount | grep '^proc'
```

```
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime,hidepid=invisible)
```
Author
Owner

```bash
sudo reboot
```

```bash
mount | grep '^proc'
```

```
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
```
Author
Owner

```bash
grep proc /etc/fstab
```

does not return anything.
Author
Owner

DuckDuckGo and Google search *Debian change mount proc options*.
Author
Owner

```bash
diff <(mount | sed -e 's/on //' -e 's/type //' | cut -d ' ' -f-3) <(cat /proc/mounts | cut -d ' ' -f-3)
```

```bash
grep '^proc' /proc/mounts
```

```
proc /proc proc rw,nosuid,nodev,noexec,relatime,hidepid=invisible 0 0
```
Author
Owner

```bash
time grep -r 'hidepid' / --exclude-dir={proc,sys}
```

<details>
<summary>Output:</summary>

```
grep: /usr/lib/x86_64-linux-gnu/systemd/libsystemd-core-252.so: binary file matches
/usr/share/vim/vim90/syntax/fstab.vim:syn match fsOptionsKeywords contained /\<\%(hidepid\|subset\)=/ nextgroup=fsOptionsString
grep: /usr/bin/systemd-analyze: binary file matches
/root/.bash_history:mount /proc -o remount,hidepid=2
/root/.bash_history:mount /proc -o remount,hidepid=2

real	2m31.245s
user	0m22.077s
sys	0m30.193s
```

</details>
Author
Owner

https://ubuntuforums.org/archive/index.php/t-2443493.html does not seem helpful.

Could give a try to `/etc/fstab`, see [the Super User question 1858984](https://superuser.com/q/1858984).
Author
Owner

DuckDuckGo search *Debian hidepid on reboot*.
Author
Owner

```bash
ls -l /initrd.img
```

```
lrwxrwxrwx 1 root root 30 Oct  6 11:33 /initrd.img -> boot/initrd.img-6.1.0-26-amd64
```

Source: [the Unix Stack Exchange answer 508555](https://unix.stackexchange.com/a/508555)

I don't want a crontab solution as the statement may not be the first one run, hence may leak some stuff on reboot.

Related to [Benjamin_Loison/cron/issues/21](https://codeberg.org/Benjamin_Loison/cron/issues/21).
Author
Owner

```bash
ls -lh /boot/initrd.img-6.1.0-26-amd64
```

```
-rw-r--r-- 1 root root 37M Oct  6 11:33 /boot/initrd.img-6.1.0-26-amd64
```

```bash
file /boot/initrd.img-6.1.0-26-amd64
```

```
/boot/initrd.img-6.1.0-26-amd64: gzip compressed data, was "mkinitramfs-MAIN_axY3t3", last modified: Sun Oct  6 09:33:46 2024, from Unix, original size modulo 2^32 134572032
```
Author
Owner

```bash
mkinitramfs
```

<details>
<summary>Output:</summary>

```
Command 'mkinitramfs' is available in the following places
 * /sbin/mkinitramfs
 * /usr/sbin/mkinitramfs
The command could not be located because '/usr/sbin:/sbin' is not included in the PATH environment variable.
This is most likely caused by the lack of administrative privileges associated with your user account.
mkinitramfs: command not found
```

</details>
Author
Owner

```bash
sudo mkinitramfs
```

<details>
<summary>Output:</summary>

```
Usage: mkinitramfs [option]... -o outfile [version]

Options:
  -c compress	Override COMPRESS setting in initramfs.conf.
  -d confdir	Specify an alternative configuration directory.
  -l level	Override COMPRESSLEVEL setting in initramfs.conf.
  -k		Keep temporary directory used to make the image.
  -o outfile	Write to outfile.
  -r root	Override ROOT setting in initramfs.conf.

See mkinitramfs(8) for further details.
```

</details>
Author
Owner

[The Unix Stack Exchange answer 508437](https://unix.stackexchange.com/a/508437):

<details>
<summary><code>/etc/fstab</code>:</summary>

```
proc    /proc    proc    defaults,hidepid=2     0     0
```

</details>

results at reboot in:

```bash
grep '^proc' /proc/mounts
```

```
proc /proc proc rw,relatime,hidepid=invisible 0 0
```

What are last 2 bits for? They seem to be respectively for backup and fsck (source: https://linuxconfig.org/how-fstab-works-introduction-to-the-etc-fstab-file-on-linux), so not relevant here.
Author
Owner

<details>
<summary><code>/etc/fstab</code>:</summary>

```
proc    /proc    proc    defaults,nosuid,nodev,noexec,hidepid=2     0     0
```

</details>

```bash
grep '^proc' /proc/mounts
```

```
proc /proc proc rw,nosuid,nodev,noexec,relatime,hidepid=invisible 0 0
```
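
Added example, not part of the thread: a check that separates the three states seen above (hidepid set only by a remount, persisted with bare `defaults`, and persisted with the stock flags kept). The function names `proc_opts`, `has_hidepid`, `missing_flags` and `audit` are made up for this sketch, and the sample lines are constructed from the outputs quoted in the comments.

```shell
#!/usr/bin/env bash
# Added example: is hidepid on /proc active now, persistent, and fully flagged?

# Print the option field of the proc mount from fstab/mounts-format text on stdin.
proc_opts() {
    awk '$1 !~ /^#/ && $2 == "/proc" && $3 == "proc" { print $4; exit }'
}

# Succeed if the option list hides other users' processes; hidepid=2 is
# reported as hidepid=invisible in /proc/mounts, as in the thread's output.
has_hidepid() {
    case ",$1," in
        *,hidepid=2,*|*,hidepid=invisible,*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the flags of the stock proc mount that are absent from option list $1.
missing_flags() {
    local out="" flag
    for flag in nosuid nodev noexec; do
        case ",$1," in *",$flag,"*) ;; *) out="${out:+$out,}$flag" ;; esac
    done
    printf '%s' "$out"
}

# audit MOUNTS_TEXT FSTAB_TEXT -> verdict on stdout.
audit() {
    local live persisted missing
    live=$(printf '%s\n' "$1" | proc_opts)
    persisted=$(printf '%s\n' "$2" | proc_opts)
    has_hidepid "$live" || { echo "not-active"; return; }
    has_hidepid "$persisted" || { echo "not-persistent"; return; }
    missing=$(missing_flags "$live")
    [ -z "$missing" ] || { echo "flags-dropped:$missing"; return; }
    echo "ok"
}

# Constructed inputs, modelled on the outputs quoted in the thread.
REMOUNT_ONLY='proc /proc proc rw,nosuid,nodev,noexec,relatime,hidepid=invisible 0 0'
FSTAB_EMPTY='# no proc entry'
FSTAB_DEFAULTS='proc /proc proc defaults,hidepid=2 0 0'
BOOT_DEFAULTS='proc /proc proc rw,relatime,hidepid=invisible 0 0'
FSTAB_FULL='proc /proc proc defaults,nosuid,nodev,noexec,hidepid=2 0 0'

audit "$REMOUNT_ONLY" "$FSTAB_EMPTY"      # remount without an fstab entry
audit "$BOOT_DEFAULTS" "$FSTAB_DEFAULTS"  # fstab with defaults,hidepid=2 only
audit "$REMOUNT_ONLY" "$FSTAB_FULL"       # final fstab line from the thread
```

On a live system the same check is `audit "$(cat /proc/mounts)" "$(cat /etc/fstab)"`.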
Author
Owner

DuckDuckGo search */etc/fstab syntax*.
Author
Owner

![image](/attachments/9711e659-dcf5-498d-b26c-d07fd5f7142e)
Author
Owner

For reference `htop` and `ps aux`.
Author
Owner

Can see how much the computer (CPU, RAM, Internet and disk (per disk precise) used and bandwidth) is being used (possibly used by the system or other users, maybe showing the distribution by user would be interesting)? To figure out if running something will be efficient or wait for someone else to finish something.

See the messages:

Related to [Benjamin_Loison/NVIDIA/issues/3](https://codeberg.org/Benjamin_Loison/NVIDIA/issues/3).
Author
Owner
Would help [Benjamin_Loison/openssh/issues/39](https://salsa.debian.org/Benjamin_Loison/openssh/-/issues/39).
Reference: Benjamin_Loison/linux#41