[lttng-dev] [EXTERNAL] Re: Problem with application changing UID

Tue Sep 24 11:52:25 EDT 2019

Hi,

lttng-sessiond is launched in step 1 (with adequate delay before my daemon). 

The versions of LTTng are from poky/sumo: 
* lttng-modules 2.10.9
* lttng-tools 2.9.11
* lttng-ust 2.10.3

Unfortunately, the destroy session call that clears my logs is very likely tied to the systemd service file and the changing of user ID, so reproducing is not so simple. I will have to get back to you on whether or not I can easily make a reproduceable example.

Regards,
Zach

-----Original Message-----
From: Jonathan Rajotte-Julien <jonathan.rajotte-julien at efficios.com> 
Sent: Tuesday, September 24, 2019 5:15 PM
To: Kramer, Zach <Zach.Kramer at cognex.com>
Cc: lttng-dev at lists.lttng.org
Subject: [EXTERNAL] Re: [lttng-dev] Problem with application changing UID

On Tue, Sep 24, 2019 at 02:32:41PM +0000, Kramer, Zach wrote:
> Hi,
> 
> Is LTTng intended to support userspace applications that change their UID at run-time? As in, is there an expected behavior for when this happens?
> 
> For example:
> 
>   1.  Embedded device boots
>   2.  My daemon is launched as root via systemd
>   3.  Runs privileged code
>   4.  Changes UID to a less privileged user (500)
>   5.  Creates LTTng session
>      *   If session already exists, destroy it first
>   6.  <if ‘systemctl stop’ is called>: Destroy session
>      *   Otherwise it will be destroyed next daemon launch in step 5

When in this chain of operations is lttng-sessiond started?

> 
> [cid:image001.png at 01D56F9D.AF158770]
> The logs are cleared when ‘lttng destroy sess’ is called via the LTTng C-API. From my understanding, this should not happen.

I would tend to agree with you here. Would you be able to provide a small reproducer for this? What is the version of lttng-*

--
Jonathan Rajotte-Julien
EfficiOS