Kernel tracing from inside a Docker container

Mathieu Desnoyers mathieu.desnoyers at efficios.com
Thu Nov 7 09:27:34 EST 2024 

On 2024-11-07 03:03, Dirk Eibach via lttng-dev wrote:
> Hi,
> 
> sorry, Outlook is messing up my plaintext mails, so I am switching to
> my gmail account.
> 
>> lttng-modules exposes its control ABI through the virtual file /proc/lttng.
>>
>> Does you container have access to that file ?
> 
> The container is running in privileged mode.
> root at 9348eb19e6f4:/# ls -l /proc/lttng
> -rw------- 1 root root 0 Nov  6 16:05 /proc/lttng
> 
>> Note that if you give access to that file within the container, then the container
>> can observe detailed information about kernel internals (including related to
>> other containers).
> 
> This is a development-only system, so the security implications are acceptable.
> 
> I have observed one more thing. When I start the session daemon with
> the -vvv option I get:
> root at 9348eb19e6f4:/# lttng list --kernel
> DBG1 - 07:31:23.811796947 [Client management]: Wait for client
> response (in thread_manage_clients() at client.c:2576)
> DBG1 - 07:31:23.811867247 [Client management]: Receiving data from
> client ... (in thread_manage_clients() at client.c:2604)
> DBG1 - 07:31:23.811945247 [Client management]: Processing client
> command 'LTTNG_LIST_TRACEPOINTS' (14) (in process_client_msg() at
> client.c:1016)
> Error: Failed to load kmod library resources
> Warning: No kernel tracer available

I suspect that you have two choices here:

1) You modprobe all LTTng modules from your top level namespace (host
    system) before starting lttng-sessiond within the container, or

2) You ensure that the container has the ability to load kernel
    modules, and you make sure the lttng-modules .ko are available
    in the container's under /lib/modules/$(uname -r)/ directory.
    (and run depmod -a), then launch lttng-sessiond as root.

Thanks,

Mathieu

> DBG1 - 07:31:23.812076447 [Client management]: Missing llm header,
> creating one. (in process_client_msg() at client.c:2381)
> DBG1 - 07:31:23.812085547 [Client management]: Sending response (size:
> 24, retcode: Kernel tracer not available (33)) (in
> thread_manage_clients() at client.c:2683)
> DBG1 - 07:31:23.812156547 [Client management]: Accepting client
> command ... (in thread_manage_clients() at client.c:2534)
> Error: Unable to list kernel events: Kernel tracer not available
> 
> Regards
> Dirk

-- 
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com

More information about the lttng-dev mailing list