From: Mark Wielaard <mjw@redhat.com>
To: elfutils-devel@lists.fedorahosted.org
Subject: Re: Trying not call elfutils functions in ABRT under root
Date: Wed, 30 Nov 2016 12:08:56 +0100 [thread overview]
Message-ID: <1480504136.3728.111.camel@redhat.com> (raw)
In-Reply-To: 20161130080044.7505.35104@mailman01.phx2.fedoraproject.org
[-- Attachment #1: Type: text/plain, Size: 1481 bytes --]
Hi Adam,
On Wed, 2016-11-30 at 08:00 +0000, Adam Sulc wrote:
> im using elfutils in ABRT program specifically when generating
> core_backtrace. According to this
> https://github.com/abrt/abrt/issues/890 post, it is not a good idea
> using elfutils under root. So I have tried moving as much elfutils
> function calls to non-root process as possible. That means the parent
> process is forked and in child process there are opened necessary
> files:
> [...]
> Is there any way how I can pass the opened files to elfutils
> functions? Especially for "/etc/[tid]/mem" which is needed in
> dwfl_linux_proc_find_elf that is part of Dwfl_Callbacks proc_cb ?
You wrote /etc, but I assume you meant /proc files.
Instead of using dwfl_linux_proc_report you can use
dwfl_linux_proc_maps_report which you can pass a file. But some of the
other proc files might be opened by the library itself if necessary when
working on an running process. If you change the UID to the user running
that process you should still be able to open those files.
Alternatively if you ptace attach to that process before dropping
privileges the library should be able to access those (in theory, I
didn't actually try that myself - you might be able to just run
dwfl_linux_proc_attach as root, or maybe do the ptrace attach by hand
and stop the thread under inspection before dropping privileges and call
dwfl_linux_proc_attach with assume_ptrace_stopped = true).
Cheers,
Mark
next reply other threads:[~2016-11-30 11:08 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-30 11:08 Mark Wielaard [this message]
-- strict thread matches above, loose matches on Subject: below --
2016-12-01 23:20 Mark Wielaard
2016-12-01 20:44 Adam Sulc
2016-11-30 8:00 Adam Sulc
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1480504136.3728.111.camel@redhat.com \
--to=mjw@redhat.com \
--cc=elfutils-devel@lists.fedorahosted.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).