[lttng-dev] Userspace privilege

Thibault, Daniel Daniel.Thibault at drdc-rddc.gc.ca
Mon Sep 15 09:23:46 EDT 2014 

----------------------------------------------------------------------
Date: Sat, 13 Sep 2014 05:33:29 +0800
From: Manikandan Govindaswamy <magov at vestas.com>

> We have a busybox version target and starting the lttng on root privilege.
>
> The kernel traces  works fine and we could get all the traces, we have application which needs root privilege to start some part of services and also has tracepoints in it, so have to run my application from root ( part of tracing group).
>
> When I start the another tracing from an user account who is part of tracing group, if I run the lttng list, it opens a new session for the user?
>
> So could not possible to see the user space tracepoints which I've started from root( though it's part of tracing group).
>
> If the user also part of tracing group then the session started by root should have been used by the user trace list, and possible to see the tracepoints or not?
>
> GMK.
----------------------------------------------------------------------
   I'm not sure I understand your question correctly, but I'll try to answer it anyway.

   Your setup sounds right: you have lttng-sessiond running as a root service, and your tracing users are part of the tracing group.

   Sessions are per-user objects, so one user cannot control another's sessions (unless he impersonates that user using 'sudo -H -u <username> lttng ...').

   As long as you are a member of the tracing group, you will see all available user-space tracepoints, from all user-spaces, even root's.  Two tracing users can create individual sessions, each of which can subscribe to the same user-space tracepoints.  There will be discrepancies in the time-stamps of the events in either trace, however (that is to say, the same event will register under slightly different timestamps in either user's trace).

   If you want two users to control the same root session (necessary in order to see root's user-space tracepoints), they need to both impersonate root.  This is done by systematically issuing 'sudo -H lttng ...' commands.

   For more details, see section 3.4 of the LTTng Comprehensive User's Guide (soon to be available; either I or Christian Babeux can send you an advance copy if you'd like).

   If the above does not address your concerns, please explain in detail with sample session extracts.

Daniel U. Thibault
Protection des systèmes et contremesures (PSC) | Systems Protection & Countermeasures (SPC)
Cyber sécurité pour les missions essentielles (CME) | Mission Critical Cyber Security (MCCS)
RDDC - Centre de recherches de Valcartier | DRDC - Valcartier Research Centre
2459 route de la Bravoure
Québec QC  G3J 1X5
CANADA
Vox : (418) 844-4000 x4245
Fax : (418) 844-4538
NAC : 918V QSDJ <http://www.travelgis.com/map.asp?addr=918V%20QSDJ>
Gouvernement du Canada | Government of Canada
<http://www.valcartier.drdc-rddc.gc.ca/>

More information about the lttng-dev mailing list