diff options
| author | Dave Brolley <brolley@redhat.com> | 2009-08-04 19:19:09 -0400 |
|---|---|---|
| committer | Dave Brolley <brolley@redhat.com> | 2009-08-04 19:19:09 -0400 |
| commit | 500bc85ca6dc99bc65f4157b18e9c48c692a8a20 (patch) | |
| tree | a05e4cacf9cdf8769f6cc1f5af08bbaf501c6f6b | |
| parent | bc9077d171b8250a93a1b5a481e34913e5585dd5 (diff) | |
| download | systemtap-steved-500bc85ca6dc99bc65f4157b18e9c48c692a8a20.tar.gz systemtap-steved-500bc85ca6dc99bc65f4157b18e9c48c692a8a20.tar.xz systemtap-steved-500bc85ca6dc99bc65f4157b18e9c48c692a8a20.zip | |
Add NEWS about unprivileged user support
| -rw-r--r-- | NEWS | 38 |
1 files changed, 38 insertions, 0 deletions
@@ -1,5 +1,43 @@ * What's new +- Support for unprivileged users: + ***************************************************************************** + * WARNING!!!!!!!!!! + * This feature is EXPERIMENTAL at this time and should be used with care. + * This feature allows systemtap kernel modules to be loaded by unprivileged + * users. The user interface and restrictions will change as this feature + * evolves. + ***************************************************************************** + - Systemtap modules generated from scripts which use a restricted subset of + the features available may be loaded by staprun for unprivileged users. + Previously, staprun would load modules only for root or for members of the + groups stapdev and stapusr. + - Using the --unprivileged option on stap enables translation-time checking + for use by unprivileged users (see restrictions below). + - All modules deemed suitable for use by unprivileged users will be signed + by stap (see module signing in release 0.9.8 below). + - Modules signed by trusted users and verified by staprun will be loaded by + staprun regardless of the user's privilege level. + - The system administrator asserts the trustworthiness of a user by running + stap-authorize-signing-cert <cert-file> as root, where <cert-file> can + be found in ~<user>/.systemtap/ssl/server/stap.cert. + - Restrictions are intentionally strict at this time and will be relaxed in + the future: + - probe points are restricted to: + begin, begin(n), end, end(n), error(n), never, + timer.{jiffies,s,sec,ms,msec,us,usec,ns,nsec}(n)*, timer.hz(n) + - embedded C code is not allowed. + - use of tapset functions using embedded C code is restricted. + - accessing the kernel memory space is not allowed. + - The following command line options may not be used: + -g, -I, -D, -R + -r may not be used to select a target kernel other than one from + /lib/modules/RELEASE/build, where RELEASE is a currently installed kernel + release. + - The following environment variables may not be set: + SYSTEMTAP_RUNTIME, SYSTEMTAP_TAPSET, SYSTEMTAP_DEBUGINFO_PATH + - nss and nss-tools are required to use this feature. + - Systemwide kernel .function.return (kretprobe) maxactive defaults may be overridden with the -DKRETACTIVE=nnn parameter. |