search

djberg96 / sys-proctable

A cross-platform Ruby interface for gathering process information on your operating system
Apache License 2.0
150 stars 33 forks source link

Add openbsd support #108

Closed ninp0 closed 1 year ago

ninp0 commented 1 year ago

Please release a new gem version for OpenBSD compatibility. Thanks.

djberg96 commented 1 year ago

@ninp0 Looking good so far, thanks!

I only have some minor organizational quibbles. Can you move the constants to the constants.rb file, and the structs to the structs.rb file? Also, the "openbsd/sys" directory should be located under "lib/bsd/sys".

And bonus points if you can add openbsd to the github action: https://github.com/vmactions/openbsd-vm

ninp0 commented 1 year ago

@djberg96 - Yep! I was cruising through this super fast yesterday. I realized libkvm better aligns with DragonFly BSD (Instead of FreeBSD), so I'll copy and go from there (since it also contains constants, structs, and functions as well). I'm currently comparing OpenBSD's && DragonFly BSD's libkvm to grok differences. Should have something available shortly.

ninp0 commented 1 year ago

@djberg96 - In order to use kvm_open() in OpenBSD (even when you're root) the following sysctl option needs to be set at boot in /etc/sysctl.conf:

kern.securelevel=-1
kern.allowkmem=1

I thought, "no big deal, I'll just use the sysctl command to set / unset on the fly":

$ sudo sysctl -w kern.securelevel=-1
sysctl: kern.securelevel: Operation not permitted

$ sudo sysctl -w kern.allowkmem=1
sysctl: kern.allowkmem: Operation not permitted

Even though this is less than ideal, I was initially thinking of toggling this back and forth if openbsd is detected by the sys-proctable gem at runtime, somewhat like this:

system('sudo', 'sysctl', '-w', 'kern.allowkmem=1')

however, it's somewhat of a conundrum if one has to completely disable all kernel security in /etc/sysctl.conf && reboot the box in order to successfully call kvm_open (even as root). Probably for the best...more research is required to get this to work. There's got to be a way though, since the ps binary in OpenBSD still has access...gotta look at how they accomplish this task. Here's some more info fwiw: http://marc.info/?l=openbsd-cvs&m=147481705211536&w=2

djberg96 commented 1 year ago

Definitely don't want to be doing sudo inside code, that will not go over well. We'll have to document what it takes to run the code, and let the programmers go from there.

djberg96 commented 1 year ago

@ninp0 Why close it?