This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
[Bug translator/10561] New: stap-server: take over signing duties, allow arg passing to stap
- From: "fche at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: systemtap at sources dot redhat dot com
- Date: 25 Aug 2009 20:50:43 -0000
- Subject: [Bug translator/10561] New: stap-server: take over signing duties, allow arg passing to stap
- Reply-to: sourceware-bugzilla at sourceware dot org
It is sometimes desirable to launch stap-server processes on a machine
with multiple sets of kernel-debuginfo/devel installed (as in a master
compilation server), or for cross-arch purposes. For this to work,
each stap-server needs to accept some arguments at startup time
(at least -a, -r, -B, for the nonce).
OTOH, unprivileged mode support specifically disabled some of these
flags within stap. Yet we want that too.
So it seems like a possible solution is to clarify what stap options
may be passed through which layer. It seems as though stap-server
should pass some server-admin-specified flags (might as well come
from stap-start-server), and block these same ones from clients
(as they arrive from stap-client or whatever in the request-containing
zip file). It'd have to safely collate the two lists of options, and
pass them to plain stap.
Since stap-server would now perform stap argument sanitization, it
becomes probably the best place to do module-signing. That means
stap wouldn't do it (even in the --unprivileged case), just include
some more constraints during the translation process.
--
Summary: stap-server: take over signing duties, allow arg passing
to stap
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: translator
AssignedTo: systemtap at sources dot redhat dot com
ReportedBy: fche at redhat dot com
http://sourceware.org/bugzilla/show_bug.cgi?id=10561
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.