similar to: how can we use libdtrace within the DTrace security restrictions?

Displaying 20 results from an estimated 400 matches similar to: "how can we use libdtrace within the DTrace security restrictions?"

2006 Oct 24
3
determining raidz pool configuration
Hi all, Sorry for the newbie question, but I''ve looked at the docs and haven''t been able to find an answer for this. I''m working with a system where the pool has already been configured and want to determine what the configuration is. I had thought that''d be with zpool status -v <poolname>, but it doesn''t seem to agree with the
2007 Jan 31
1
[patch?] dtrace privs in zones ?
Hello, According to http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=4970596 and other notes I read it appears that the ability to run dtrace programs (by having dtrace_proc and dtrace_user privileges configured inside NGZ''s) has been made available (through various projects) since build 37 of Nevada. I am not merely referring to configurable privileges alone, but to
2007 Apr 27
6
User Privileges and Dtrace
Dear Experts, My customer is migrating to Solaris 10 from Solaris 8 and have asked me to determine if: With Dtrace, is the user limited to probing only processes they own? The customer has a general security requirement to control user access via management of privileges. Currently, on Solaris 8, LDAP is strongly while RBAC is weakly applied. This will likely change in the Solaris 10 production
2008 Feb 08
16
Dom0 issues: snv_79b and Tecra M9
Hi all, I have a Toshiba Tecra M9 and have not been able to boot it dom0. This is running SXDE 01/08, snv79b. After booting under kmdb and setting moddebug=80000000 before booting the Solaris kernel (with help from Dan Mick), I was able to see mac_ether as the last thing loading, right after loading the e1000g driver. I cannot drop into kmdb via F1-A after it hangs. I''ve also
2008 Apr 14
9
Mozilla Dtrace and Tabs?
I use a lot of tabs and Firefox runs very slowly. I would like to figure out which tabs are eating up resources (cpu, memory, etc). Will the Mozilla dtrace framework be any help with this? -- This message posted from opensolaris.org
2008 Apr 03
5
Solaris 10 FW/IPF in a Open Solaris dom/U?
I''m wondering if Open Solaris + xVM will allow me to do the following: I currently have 2 Solaris 10 servers sucking down electrons that I would like to consolidate into 2 xVM instances on a Solaris 11 quad core box. This is what it looks like: Internet --->A sol 10 FW/Web B>---->C Sol 10 app/mail D---> local LAN So interface A is connected to the Internet. The FW/Web box
2008 Aug 13
1
tracing blocks behind I/O
Hi, I know how to trace the number of bytes read/written by a program by summing the argument of that read/write syscall. However, the way the OS services read/write calls is in blocks. I wonder if it''s possible to trace the actual number of blocks read/written caused by the syscalls? -- This message posted from opensolaris.org
2009 Jul 24
9
getting extra characters with printf(copyin(a, b))
Hi, I have a situation where a DTrace script is printing out extra characters, despite the copyin() call giving a specific length. Can anyone think of why this might be? It''s fine the first time all of the probes fire, but on a second run of my generating operations, I get junk in there. For example: set setop length 5, FOUND KEY, STORED set setop length 5, FOUND KEY, STORED get
2006 Jun 20
1
Extending lwpsinfo_t with pr_lgrp for DTrace consumers
The sched provider defines the stable "lgrp" variable that is the lgroup of the current CPU. This is mostly interesting when we can compare it with the actual thread home lgroup, so I''d like to extend the lwpsinfo_t structure with the new pr_lgrp field which will be implemented using translator. This will match the addition of the pr_lgrp field to the proc(4) lwpsinfo_t
2008 Aug 25
11
pid-provider sees ld.so.1 only
I''m trying to do some userspace tracing on a server-process with the pid provider. My problem is, that the only probes the pid-provider lists for the server-process (to which I attach dtrace with "-p nnnn") are coming from "ld.so.1". There''s not a single one from my modules. If I''m specifying "a.out" (or any of our shared-objects) as the
2008 Oct 14
5
dtrace_kernel and privilege escalation
hey.. I talked to my sysadmins about getting access to the dtrace_kernel role, and they said they were hesitant to give this out because they thought it was a security risk - ie: that you could use it for privilege escalation. How true is this? Is there a way to make it user safe? If not, why is it offered as an option for regular users? Thanks much, Ed -- This message posted from
2008 Sep 30
12
dtrace missing ''unlinkat''? showing process stack?
everyone, Just out of curiosity, I did a dtrace -n ''syscall:::entry { @num[execname, probefunc] = count(); }'' and looked at the entries produced by ''rm''. I see everything that rm did, *except* the unlinkat - which is unfortunate because I want to trace which processes have deleted which files. So - does dtrace contain unlinkat as a probe for a system call?
2008 Feb 11
0
Re: achieving deterministic config with xVM (was: Dom0 issues: snv_79b and Tecra M9)
Matt Ingenthron wrote: > This may be specific to my hardware, but I cannot get things to behave > reliably on my system. For instance, I''ve had situations under xVM dom0 > where snv81 can see the e1000g interface with dladm show-dev, but not > plumb it. Then one boot later, I can''t see it with dladm, but can plumb > and up it with DHCP. Are there any e1000g
2006 Oct 31
0
6256581 System got a hang or a panic with dtrace+kmdb
Author: bmc Repository: /hg/zfs-crypto/gate Revision: 213bfe03af413cdf71c523fb076aaa65a6306a7e Log message: 6256581 System got a hang or a panic with dtrace+kmdb 6264573 unanchored dtrace_getpcstack is rather imprecise toward function end 6289517 dtrace doesn''t like fd_intr anymore 6291378 dtrace helpers can interfere with the use of kmdb 6295554 dtrace doesn''t report
2006 Oct 31
0
6370454 dtrace should support USDT probes in static functions
Author: ahl Repository: /hg/zfs-crypto/gate Revision: b1ab97f77b0ad2a4fe2a43d9c5aac7259840bb90 Log message: 6370454 dtrace should support USDT probes in static functions Files: update: usr/src/lib/libdtrace/common/dt_dof.c update: usr/src/lib/libdtrace/common/dt_link.c update: usr/src/lib/libdtrace/common/dt_provider.c update: usr/src/lib/libdtrace/common/dt_provider.h
2008 Mar 03
4
Modifying macro names generated by dtrace -h
I''d like to prepend TRACE_ to the macro names generated by dtrace -h. For example, change POSTGRESQL_LWLOCK_ACQUIRE(arg0, arg1) to TRACE_POSTGRESQL_LWLOCK_ACQUIRE(arg0, arg1) and still keep postgresql as the provider name. The reason for doing this is to make it clear that the macros are used for (D)tracing. In this particular case, without TRACE_, it appears like the macro is used
2007 Jun 07
2
plockstat/dtrace core dump S10U3
Hey, Im able to reproduce a crash from plockstat everytime Im tracing a JVM pid. I do recall a problem related with this one, but not clear if this has been fixed in U3 or is it planned for U4 ? Any BugID opened for this stack trace: > ::stack libc.so.1`strlen+0x50(100003faa, ffffffff7ffff5c8, ffffffff7eca1114, ffffffff7fffec79, 0, 100003fa9) libc.so.1`snprintf+0x88(ffffffff7ffff8f0, 0,
2006 Aug 14
1
Why does dtrace -h remove const qualifier?
If I have the following definition: provider foo { probe bar(const char*); }; and creates the headerfile (snv 43) with dtrace -h I get: extern void __dtrace_foo___bar(char *); This is a "problem" for me (ok, I could add an explicit cast each time I fire the probe, or edit the generated headerfile by hand...), since it generates compilation errors when I call the probe in a C++
2005 Aug 23
0
Duplication in dtrace''s forceload entries in /etc/system
Hi, If you have a custom kernel (and therefore have duplicates of everything in /kernel in your custom kernel) and have noticed that when you try to use anonymous tracing, dtrace adds multiple copies of the forceload directives to /etc/system, e.g.: * vvvv Added by DTrace * * The following forceload directives were added by dtrace(1M) to allow for * tracing during boot. If these
2007 Nov 14
10
[GE users] Apple Leopard has dtrace -- anyone used the SGE probes/scripts yet?
Hi, Chris (cc) and I try to get the SGE master monitor work with Apple Leopard dtrace. Unfortunately we are stuck with the error msg below. Anyone having an idea what could be the cause? What I can rule out as cause is function inlining for the reasons explained below. Background information on SGE master monitor implementation is under http://wiki.gridengine.info/wiki/index.php/Dtrace