Virtualized /proc filesystem

You can prevent users from seeing the processes of other users (via the ps/top commands), as well as special files in the /proc filesystem, by setting the fs.proc_can_see_other_uid sysctl.


To do that, edit /etc/sysctl.conf




Then run:


# sysctl -p




If fs.proc_can_see_other_uid is set to 0, users will not be able to see special files. If it is set to 1, users will see other processes' IDs in the /proc filesystem.




The fs.proc_super_gid sysctl sets the ID of the group that will see system files in /proc. Add users to that group so that they will see all files in /proc. This is usually needed by monitoring users such as nagios or zabbix.
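To review how these two keys are configured and which accounts are exempt from the hiding, the following added example (not part of the original documentation) audits a copy of sysctl.conf together with a copy of the group database. The function names, the sample GID 1500 and the group name procview are assumptions made for illustration, and all sample data is constructed.

```shell
#!/bin/sh
# Added example: audit the two sysctl keys described above from copies of
# sysctl.conf and the group file. All sample data below is constructed.

# Print the last value assigned to key $1 in sysctl.conf-format file $2
# (a later assignment overrides an earlier one; '#' and ';' start comments).
effective_sysctl() {
    awk -v key="$1" '
        /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/[ \t]/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }' "$2"
}

# Print the member list of numeric GID $1 from group-format file $2.
# Only members listed in the group file are shown, not primary-group users.
gid_members() {
    awk -F: -v gid="$1" '$3 == gid { print $4 }' "$2"
}

# Summarise the /proc hiding state; returns 1 unless hiding is enabled (0).
audit_proc_hiding() {
    see=$(effective_sysctl fs.proc_can_see_other_uid "$1")
    gid=$(effective_sysctl fs.proc_super_gid "$1")
    echo "fs.proc_can_see_other_uid=${see:-unset}"
    if [ -n "$gid" ]; then
        echo "fs.proc_super_gid=$gid exempt_users=$(gid_members "$gid" "$2")"
    fi
    [ "$see" = "0" ]
}

# Constructed sample files (GID 1500 and the group name are made up).
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/sysctl.conf" <<'EOF'
# constructed sample: the later assignment is the one that takes effect
fs.proc_can_see_other_uid = 1
fs.proc_super_gid=1500
fs.proc_can_see_other_uid=0
EOF
cat > "$SAMPLE_DIR/group" <<'EOF'
root:x:0:
procview:x:1500:nagios,zabbix
EOF
audit_proc_hiding "$SAMPLE_DIR/sysctl.conf" "$SAMPLE_DIR/group"
```

On a live host, compare the file-based result with the running value reported by sysctl -n fs.proc_can_see_other_uid, since an edit to /etc/sysctl.conf has no effect until sysctl -p is run.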


The virtualized /proc filesystem will only display the following files (as well as the directories for the user's own PIDs) to unprivileged users: