This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
Re: run-stap vs -c
- From: Josh Stone <jistone at redhat dot com>
- To: Roland McGrath <roland at redhat dot com>
- Cc: systemtap at sources dot redhat dot com
- Date: Wed, 01 Apr 2009 16:21:42 -0700
- Subject: Re: run-stap vs -c
- References: <20090401213813.0148FFC3AB@magilla.sf.frob.com>
Roland McGrath wrote:
> diff --git a/run-stapio.sh b/run-stapio.sh
> new file mode 100755
> index ...3a08203 100755
> --- /dev/null
> +++ b/run-stapio.sh
> @@ -0,0 +1,4 @@
> +#!/bin/sh -x
> +
> +# XXX arg quoting
> +exec /sbin/runuser -m -c "$STAP_REAL_STAPIO $*" ${STAP_REAL_USER}
I expect that the quoting would be easier with sudo -u ...
> But I lose like this:
>
> $ ./run-stap -e 'probe begin { printf("hello world\n") }' -c id
> + exec /sbin/runuser -m -c '/home/roland/build/systemtap/stapio -c id /tmp/stap2EnM0v/stap_a05c4a56c320f1c36b5d8495d10ed9db_635.ko' roland
> ERROR: Couldn't open control channel '/sys/kernel/debug/systemtap/stap_a05c4a56c320f1c36b5d8495d10ed9db_635/.cmd': Permission denied
> Failed to initialize control channel.
> Pass 5: run failed. Try again with another '--vp 00001' option.
> [Exit 1]
> $
>
> That left me trying to figure out how it is that stapio is normally allowed
> to do this open.
The control channel owner is set to the current UID/GID during the
module init. Since staprun normally has UID=user/EUID=root when it
loads the module, it's no problem for stapio.
Josh