This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: run-stap vs -c


> I am confused about the different id outputs.  Complex commands are
> invoked using "sh -c '...'", and simple commands are invoked directly.
> Why would sh change the EUID?
[...]
> But anyway, I still don't think it's right for us to run stapio with
> EUID=0...

Ah.  Sure, agreed.  I was just fooled by that sh behavior too.

> $ sudo usermod -a -G stapdev roland
> 
> Voila.

Bzzt.  Not meeting the problem spec.  That's what the sudo is for.
NO KIND OF INSTALLATION OR SYSTEM SETUP BEFORE YOU USE IT!

> In this model, the /sys/debug/... channel is owned by me, and the
> stapio runs as me.  The sudo in this case is only being used to emulate
> what setuid would have done, and all the normal permission checks in
> staprun still apply.

That is not the mandate for the feature, sorry.
sudo is the only thing deciding your permissions,
or you are not implementing what we're here for.


Thanks,
Roland


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]