From: Dave Brolley Date: Tue, 4 Aug 2009 23:19:09 +0000 (-0400) Subject: Add NEWS about unprivileged user support X-Git-Tag: release-1.0~189 X-Git-Url: https://sourceware.org/git/?a=commitdiff_plain;h=500bc85ca6dc99bc65f4157b18e9c48c692a8a20;p=systemtap.git Add NEWS about unprivileged user support --- diff --git a/NEWS b/NEWS index a56787bd3..818fd6267 100644 --- a/NEWS +++ b/NEWS 
@@ -1,5 +1,43 @@ * What's new +- Support for unprivileged users: + ***************************************************************************** + * WARNING!!!!!!!!!! + * This feature is EXPERIMENTAL at this time and should be used with care. + * This feature allows systemtap kernel modules to be loaded by unprivileged + * users. The user interface and restrictions will change as this feature + * evolves. + ***************************************************************************** + - Systemtap modules generated from scripts which use a restricted subset of + the features available may be loaded by staprun for unprivileged users. + Previously, staprun would load modules only for root or for members of the + groups stapdev and stapusr. + - Using the --unprivileged option on stap enables translation-time checking + for use by unprivileged users (see restrictions below). + - All modules deemed suitable for use by unprivileged users will be signed + by stap (see module signing in release 0.9.8 below). + - Modules signed by trusted users and verified by staprun will be loaded by + staprun regardless of the user's privilege level. + - The system administrator asserts the trustworthiness of a user by running + stap-authorize-signing-cert as root, where can + be found in ~/.systemtap/ssl/server/stap.cert. + - Restrictions are intentionally strict at this time and will be relaxed in + the future: + - probe points are restricted to: + begin, begin(n), end, end(n), error(n), never, + timer.{jiffies,s,sec,ms,msec,us,usec,ns,nsec}(n)*, timer.hz(n) + - embedded C code is not allowed. + - use of tapset functions using embedded C code is restricted. + - accessing the kernel memory space is not allowed. + - The following command line options may not be used: + -g, -I, -D, -R + -r may not be used to select a target kernel other than one from + /lib/modules/RELEASE/build, where RELEASE is a currently installed kernel + release. 
+ - The following environment variables may not be set: + SYSTEMTAP_RUNTIME, SYSTEMTAP_TAPSET, SYSTEMTAP_DEBUGINFO_PATH + - nss and nss-tools are required to use this feature. + - Systemwide kernel .function.return (kretprobe) maxactive defaults may be overridden with the -DKRETACTIVE=nnn parameter.
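Review bot: The two signing bullets ("All modules deemed suitable for use by unprivileged users will be signed by stap" and "Modules signed by trusted users and verified by staprun will be loaded by staprun regardless of the user's privilege level") do not say whether stap signs a module only when the --unprivileged translation-time checks were run and passed. As written, loading depends on the signature alone, so the entry should state what a signature implies: either that stap signs only after the restriction checks succeed, if that is the case, or what else staprun verifies before loading. In the stap-authorize-signing-cert bullet the argument name is missing as rendered here ("as root, where can be found in ~/.systemtap/ssl/server/stap.cert"). That bullet should also say whose home directory ~ refers to, since authorizing a certificate means modules signed with it are loaded for users of any privilege level. Finally, "use of tapset functions using embedded C code is restricted" does not say what the restriction is; one more clause naming it would help administrators judge the exposure.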