/proc content?

[pepesz]

Dear members,

What should be the content of /proc ? I only see folders coresponding to processes PID, nothing more. Is this normal? No things like /proc/sys/kernel/hostname? I'm trying to adopt my script (http://pastebin.com/MXEW6DF4) to show system statistics on the LCD (via LCDd but not the lcdproc). The script uses Sys::Statistics::Linux and therefore procfs.

Thanks in advance.
pepesz

[franco]

Hi pepesz,

/proc is just a stub, not used for anything but general Linux compatibility.

What are you trying to do?

See if you can find some things via sysctl:

# sysctl -a

For hostname, there is a binary:

# hostname

TL;DR: Sys::Statistics::Linux may not be suitable here.


Cheers,
Franco

[pepesz]

Hi Franco,

I'm using perl script (http://pastebin.com/MXEW6DF4) to get and display system stats on LCD. Below is the line I have to replace with sth bsd compatible:

Code Select Expand

my $lxs = Sys::Statistics::Linux->new( cpustats => 1, memstats  => 1, diskusage => 1, netstats => 1 );
Any hint how to achieve this? I will also look into BSD::Sysctl, but freebsd is entirely new adventure for me.

Best regards,
pepesz

[franco]

I don't know, sorry. You can get these values from different commands, but the parsing will be entirely different so it might take a while. :/


Cheers,
Franco

[lattera]

OPNsense doesn't mount procfs by default. procfs exposes some rather interesting security issues. I'd encourage people not to rely on procfs.

I'll port over HardenedBSD's procfs hardening work sometime over the next few weeks. And since procfs is not mounted by default, my procfs hardening work can be pushed out with a patch release.

[pepesz]

Thanks!

@lattera: I'll be waiting :)


Best regards,
pepesz

[lattera]

I've now committed to the master branch the work needed to harden procfs. After additional testing, it should go out in a future patch release.

[pepesz]

@lattera

Any chance I can follow (and how) the progress of that work?

Cheers,
pepesz

[lattera]

It'll be in 17.1.2. So stay tuned. :)