From 0c8399ed8bd26a9c7b1550970f1c14dadd833e86 Mon Sep 17 00:00:00 2001
From: Alexey Avramov <hakavlad@gmail.com>
Date: Sun, 16 Feb 2020 21:17:54 +0900
Subject: [PATCH] Check privileges at startup

---
 .travis.yml   |  5 +++--
 nohang/nohang | 29 ++++++++++++++++-------------
 2 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 52c7e65..a82d820 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -6,8 +6,10 @@ sudo: required
 
 script:
   - sudo make install
-  - sudo systemctl enable --now nohang
+  - sudo systemctl enable --now nohang.service
   - sudo systemctl stop nohang.service
+  - sudo systemctl enable --now nohang-desktop.service
+  - sudo systemctl stop nohang-service.service
 
   - oom-sort -h
   - oom-sort
@@ -19,7 +21,6 @@ script:
   - nohang -cc /etc/nohang/nohang-desktop.conf
   - nohang -cc nohang/test.conf
 
-  - nohang -p
   - sudo nohang -p
 
   - /bin/sleep 60 &
diff --git a/nohang/nohang b/nohang/nohang
index 5cff42e..6c5c377 100755
--- a/nohang/nohang
+++ b/nohang/nohang
@@ -11,6 +11,16 @@ from sre_constants import error as invalid_re
 from signal import signal, SIGKILL, SIGTERM, SIGINT, SIGQUIT, SIGHUP, SIGUSR1
 
 
+def check_permissions():
+    """
+    """
+    try:
+        os.path.realpath('/proc/1/exe')
+    except Exception as e:
+        print('ERROR: missing CAP_SYS_PTRACE: {}'.format(e))
+        exit(1)
+
+
 def memload():
     """
     """
@@ -53,7 +63,7 @@ def memload():
         print('Self loginuid: {}'.format(luid_self))
         print('Init loginuid: {}'.format(luid_init))
         print('Self login UID must not be equal to init login UID to continue.'
-            )
+              )
         print('Exit')
         exit(1)
 
@@ -1228,16 +1238,16 @@ def mlockall():
     MCL_ONFAULT = 4
 
     libc = CDLL('libc.so.6', use_errno=True)
-
     result = libc.mlockall(
         MCL_CURRENT | MCL_FUTURE | MCL_ONFAULT
     )
+
     if result != 0:
         result = libc.mlockall(
             MCL_CURRENT | MCL_FUTURE
         )
         if result != 0:
-            log('WARNING: cannot lock all memory')
+            log('WARNING: cannot lock all memory: [Errno {}]'.format(result))
         else:
             pass
             # log('All memory locked with MCL_CURRENT | MCL_FUTURE')
@@ -3489,11 +3499,7 @@ else:
 
 
 if print_proc_table_flag:
-
-    if not root:
-        log('WARNING: effective UID != 0; euid={}; processes with other e'
-            'uids will be invisible for nohang'.format(self_uid))
-
+    check_permissions()
     func_print_proc_table()
 
 
@@ -3570,13 +3576,10 @@ warn_time_delta = 1000  # ?
 warn_timer = 0
 
 
-if not root:
-    log('WARNING: effective UID != 0; euid={}; processes with other e'
-        'uids will be invisible for nohang'.format(self_uid))
-
-
 mlockall()
 
+check_permissions()
+
 
 psi_avg_string = ''  # will be overwritten if PSI monitoring enabled