diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 24 |
1 files changed, 12 insertions, 12 deletions
@@ -39,24 +39,24 @@ - Using the --unprivileged option on stap enables translation-time checking for use by unprivileged users (see restrictions below). - All modules deemed suitable for use by unprivileged users will be signed - by stap-server (see module signing in release 0.9.8 and stap-server in - release 0.9 below). - - Modules signed by trusted signers and verified by staprun will be loaded by - staprun regardless of the user's privilege level. - - The system administrator asserts the trustworthiness of a signer by running - stap-authorize-signing-cert <cert-file> as root, where <cert-file> can - be found in ~<user>/.systemtap/ssl/server/stap.cert for servers started by - ordinary users and in $sysconfdir/systemtap/ssl/server/stap.cert for servers - started by root. + by stap-server when --unprivileged is specified on stap-client (see module + signing in release 0.9.8 and stap-server in release 0.9 below). + - Modules signed by trusted signers (servers) and verified by staprun will be + loaded by staprun regardless of the user's privilege level. + - The system administrator asserts the trustworthiness of a signer (server) by + running stap-authorize-signing-cert <cert-file> as root, where <cert-file> + can be found in ~<user>/.systemtap/ssl/server/stap.cert for servers started + by ordinary users and in $sysconfdir/systemtap/ssl/server/stap.cert for + servers started by root. - Servers started by root are automatically authorized as trusted signers on the local host. - - Restrictions are intentionally strict at this time and will be relaxed in + - Restrictions are intentionally strict at this time and may be relaxed in the future: - probe points are restricted to: begin, begin(n), end, end(n), error, error(n), never, timer.{jiffies,s,sec,ms,msec,us,usec,ns,nsec}(n)*, timer.hz(n), process.* (for processes owned by the user). - - embedded C code is not allowed. + - use of embedded C code is not allowed. - use of tapset functions using embedded C code is restricted. - accessing the kernel memory space is not allowed. - The following command line options may not be used: @@ -142,7 +142,7 @@ syscall arguments are also available by name in nd_syscalls. - Module signing: If the appropriate nss libraries are available on your - system, stap will sign each compiled module using a self-generated + system, stap-server will sign each compiled module using a self-generated certificate. This is the first step toward extending authority to load certain modules to unprivileged users. For now, if the system administrator adds a certificate to a database of trusted signers |