This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: run-stap vs -c


Roland McGrath wrote:
>> The control channel owner is set to the current UID/GID during the
>> module init.  Since staprun normally has UID=user/EUID=root when it
>> loads the module, it's no problem for stapio.
> 
> Ah, I see.  So staprun really does magically know about being setuid, not
> just "privilege works".  In that case, to run under sudo it would still
> take a little wrapper (to call setresuid and exec staprun) that is hard to
> script.  But wait, the mother of all bad scripting solutions can handle it!
> 
> I pushed some new code.

Actually, I think it's not quite ugly enough. :/

  $ ./run-stap -w -e 'probe begin {}' -c id
  uid=500(jistone) gid=500(jistone) euid=0(root) egid=0(root) ...

And you can see that stapio also has EUID root and the control channel
is owned by root.  (ls -l /sys/kernel/debug/systemtap/stap_*/.cmd)

What we really need to kludge the setuid is to setup the uid/euid before
the staprun call, not the stapio call... pushed...

Josh


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]