From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 66966 invoked by alias); 18 Nov 2019 16:20:36 -0000 Mailing-List: contact elfutils-devel-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Post: List-Help: List-Subscribe: Sender: elfutils-devel-owner@sourceware.org Received: (qmail 66956 invoked by uid 89); 18 Nov 2019 16:20:36 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Checked: by ClamAV 0.100.3 on sourceware.org X-Virus-Found: No X-Spam-SWARE-Status: No, score=-6.5 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.3.1 spammy=HX-Languages-Length:1165, defense, exposition, Best X-Spam-Status: No, score=-6.5 required=5.0 tests=AWL,BAYES_00,SPF_PASS autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on sourceware.org X-Spam-Level: X-HELO: gnu.wildebeest.org Received: from wildebeest.demon.nl (HELO gnu.wildebeest.org) (212.238.236.112) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 18 Nov 2019 16:20:35 +0000 Received: from tarox.wildebeest.org (tarox.wildebeest.org [172.31.17.39]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by gnu.wildebeest.org (Postfix) with ESMTPSA id BF722300099F; Mon, 18 Nov 2019 17:20:32 +0100 (CET) Received: by tarox.wildebeest.org (Postfix, from userid 1000) id 72E2D413CEAA; Mon, 18 Nov 2019 17:20:32 +0100 (CET) Message-ID: Subject: Re: patch 5 debuginfod: prometheus metrics From: Mark Wielaard To: "Frank Ch. Eigler" Cc: elfutils-devel@sourceware.org, amerey@redhat.com Date: Mon, 18 Nov 2019 16:20:00 -0000 In-Reply-To: <20191115175757.GA15272@redhat.com> References: <20191028190438.GC14349@redhat.com> <20191028190602.GD14349@redhat.com> <20191028190726.GE14349@redhat.com> <20191104214823.GA17633@redhat.com> <20191107090732.GA19337@redhat.com> <20191107090833.GB19337@redhat.com> <20191115175757.GA15272@redhat.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Mailer: Evolution 3.28.5 (3.28.5-5.el7) Mime-Version: 1.0 X-Spam-Flag: NO X-IsSubscribed: yes X-SW-Source: 2019-q4/txt/msg00168.txt.bz2 Hi, On Fri, 2019-11-15 at 12:57 -0500, Frank Ch. Eigler wrote: > Could you also add a reference to the Prometheus Exposition format. I > > see it is already in a comment in the code. Best to also add it as See > > also in the docs. >=20 > OK. Thanks, that would be good. > > > +control. The \fI/metrics\fP webapi endpoint is probably not > > > +appropriate for disclosure to the public. > >=20 > > So, should there be an option to turn it off? >=20 > IMHO not necessary. The security section already advises against > exposing an unprotected debuginfod server to the public. A front-end > reverse-proxy would easily filter requests to /metrics. I think defense in depth is not a bad thing. You already have local users to which it is exposed. And it would also make the server do slightly less work. > > > +#ifdef __linux__ > > > +#define gettid() syscall(SYS_gettid) > > > +#else > > > +#define gettid() pthread_self() > > > +#endif > >=20 > > You might want to rename this since newer glibc might expose gettid(). >=20 > OK. Note that the current code defines tid () as syscall(SYS_getpid). Should be SYS_gettid. Cheers, Mark