[lttng-dev] one sessiond for multiuser system

Thibault, Daniel Daniel.Thibault at drdc-rddc.gc.ca
Mon Aug 12 09:23:20 EDT 2013


----------------------------------------------------------------------
Message: 5
Date: Fri, 9 Aug 2013 10:54:49 -0400
From: J?r?mie Galarneau <jeremie.galarneau at efficios.com>

> On Fri, Aug 9, 2013 at 4:01 AM, Stanislav Vovk <stanislav.vovk at ericsson.com> wrote:
> > In my system there are two users, root and Bob. I am starting sessiond at boot as root user. And instrumented programs are started as either root or Bob. I am logged in to the system and controlling lttng as root user.
> > - When executing "lttng list -u" I see events registered by programs started as root. I don't see events from programs started as Bob. Why? Did I forget something?
> > - Now I switch user to Bob in the shell. Executing "lttng list -u" does not give any output at all, instead a new sessiond is started. How can I have one sessiond for the whole system?
>
> A non-privileged user can only interact with a root session daemon if he is part of the "tracing" group. Is it the case for "Bob" in this example?
>
> Reproducing your scenario here with "Bob" being part of the tracing group:
> - Root can list its own sessions as well as Bob's
> - Bob's user space events can also be seen by root
> - Bob can't see the sessions created by root.

   Actually, a non-root user can also access the root daemon if he has sudo privileges.

   The root daemon will see the various user-space events, but it will *not* list the user sessions: the various lttng-sessiond daemons do not talk to each other.  (This may become possible with a later version of lttng)

   To funnel all tracing through the root daemon, make sure any user lttng-sessiond daemons are killed and only the root lttng-sessiond daemon is running, then either make your users members of the 'tracing' group, or systematically use 'sudo lttng ...' or 'sudo -H lttng ...' from the user shells.  The first form will put the trace outputs in each user's ~/lttng-traces, the second form will combine all trace outputs in /root/lttng-traces.  You may need to chmod the resulting folders and files if you want to later access them as non-root.

Daniel U. Thibault
Protection des systèmes et contremesures (PSC) | Systems Protection & Countermeasures (SPC)
Cyber sécurité pour les missions essentielles (CME) | Mission Critical Cyber Security (MCCS)
R & D pour la défense Canada - Valcartier (RDDC Valcartier) | Defence R&D Canada - Valcartier (DRDC Valcartier)
2459 route de la Bravoure
Québec QC  G3J 1X5
CANADA
Vox : (418) 844-4000 x4245
Fax : (418) 844-4538
NAC : 918V QSDJ <http://www.travelgis.com/map.asp?addr=918V%20QSDJ>
Gouvernement du Canada | Government of Canada
<http://www.valcartier.drdc-rddc.gc.ca/>



More information about the lttng-dev mailing list