Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 26 Feb 2009 13:49:37 +0100
From:      Alexander Leidinger <Alexander@Leidinger.net>
To:        Robert Watson <rwatson@FreeBSD.org>
Cc:        svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org
Subject:   Re: svn commit: r189063 - head/sys/kern
Message-ID:  <20090226134937.13523qtfgxc9ik7k@webmail.leidinger.net>
In-Reply-To: <alpine.BSF.2.00.0902261056280.16988@fledge.watson.org>
References:  <200902261056.n1QAuDTL025375@svn.freebsd.org> <alpine.BSF.2.00.0902261056280.16988@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Quoting Robert Watson <rwatson@FreeBSD.org> (from Thu, 26 Feb 2009 =20
10:57:13 +0000 (GMT)):

> On Thu, 26 Feb 2009, Robert Watson wrote:
>
>> Log:
>> Add static tracing for privilege checking:
>>
>>   priv:kernel:priv_check:priv_ok fires for granted privileges
>>   priv:kernel:priv_check:priv_errr fires for denied privileges
>>
>> The first argument is the requested privilege number.  The naming
>> convention is a little different from the OpenSolaris equivilent
>> because we can't have '-' in probefunc names, and our privilege
>> namespace is different.
>
> A typical tracing command might be:
>
>   dtrace -n 'priv:::priv_ok { trace(execname); trace(arg0);}'
>
> arg0 requires manual interpretation using /usr/include/sys/priv.h.

Theoretically it is possible to write a little script which takes =20
priv.h and generates a little bit of dtrace stuff which allows to =20
print out strings instead of numbers. But I think this is a matter of =20
motivation...

I would also use printf("program: %s, priv: $d\n", execname, arg0) or =20
something similar with printf, but this is cosmetics.

Should we create a repository of dtrace scripts in /usr/share or =20
wherever? For the linuxulator I have several scripts in my =20
linuxulator-dtrace branch (some more, some less useful for =20
non-developers).

Bye,
Alexander.

--=20
Never trust anybody whose arm is bigger than your leg.

http://www.Leidinger.net    Alexander @ Leidinger.net: PGP ID =3D B0063FE7
http://www.FreeBSD.org       netchild @ FreeBSD.org  : PGP ID =3D 72077137

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090226134937.13523qtfgxc9ik7k>