Systemtap version 2.1. I have created a small systemtap script and compiled with "stap --privilege=stapsys". As root, I can "staprun" the script just fine. As root I have installed the script in "/lib/modules/`uname -r`/systemtap". If I try "staprun" as a user in groups staprun and stapsys (but NOT stapdev), I get this error message: ERROR: Your privilege credentials (stapdev) are insufficient to run this module (stapsys required). I find this a bit strange, as the user is NOT a member of stapdev as claimed, but the user IS a member of stapsys as required. The above scenario was working way back with systemtap version 1.8, but is now failing with 2.1. I looked at commit 429a4963, which introduced this around line 756 in staprun/staprun_funcs.c: if (assigned_user_credentials) assigned_user_credentials = pr_stapdev; If I change this to assigned_user_credentials |= pr_stapdev; the above scenario works like a charm.
See also: http://sourceware.org/ml/systemtap/2013-q1/msg00186.html
staprun was actually loading the module, but it passed a user privilege level of pr_stapdev to the module as the user's privilege level. Since pr_stapdev does not contain pr_stapsys, the module's self checking code determined that the user did not have sufficient privileges to run it, and so it aborted. staprun should have passed a privilege level of pr_all to the module, ensuring that all modules within the special directory can be run by all users. More accurately, the user must at a minimum be a member of stapusr, since staprun itself can only be run by root or members of that group. commit 019e44d6bf7137af289412f35f28be5938acfb62 implements this fix.
Problem has been fixed by the referenced commit.