This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: The dropped file


Hi David,

On Fri, 2011-07-15 at 09:50 -0500, David Smith wrote:
> On 07/15/2011 06:47 AM, Mark Wielaard wrote:
> > The relay_v2 transport creates a "dropped" file in the debugfs dir of
> > the module. This file is created with mode 0444 and so is readable for
> > everybody. That can at times lead to weird behavior since if somebody
> > has that file open the module can no longer unload, leading to a
> > successful script erroring out. Now this might not happen often, it was
> > a weird script I was running that caused it, but it seems just creating
> > the file with mode 0400 seems to work fine, and guards me from stupid
> > scripts. So I am testing that, but don't fully understand what reads the
> > dropped file on the other end. Anybody?
> 
> The user reads the dropped file to know how many messages the relay
> system had to drop because all the buffer were full.

OK, so I still haven't found where in the code that is happening, but
that means only the user himself needs read access then.

> Since the user owns the dropped file, I don't see how changing the mode
> to 400 will help you here (now I don't believe it could hurt either).  I
> guess it could keep others from keeping you from unloading your module.

Yes, that was what was happening, some cron script was scanning over the
systemtap modules dir and happened to keep the dropped file open because
it was readable (long story, don't ask, me being a little stupid), and
so all my stap scripts started failing with me having to manually unload
the modules. Even thought the cron job was not running as me.

I hadn't thought about the user herself keeping the file open. That
would still be an issue, but is less malicious/annoying. I don't think
we can prevent that.

I'll commit the change to set the mode to 0400 then to make it less
likely that some other users does it just to annoy you.

Thanks,

Mark


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]