#include <lttng/lttng-consumer.h>
#include <lttngerr.h>
+#include <runas.h>
#include "channel.h"
#include "compat/poll.h"
* Send all stream fds of kernel channel to the consumer.
*/
static int send_kconsumer_channel_streams(struct consumer_data *consumer_data,
- int sock, struct ltt_kernel_channel *channel)
+ int sock, struct ltt_kernel_channel *channel,
+ uid_t uid, gid_t gid)
{
int ret;
struct ltt_kernel_stream *stream;
lkm.u.stream.state = stream->state;
lkm.u.stream.output = channel->channel->attr.output;
lkm.u.stream.mmap_len = 0; /* for kernel */
+ lkm.u.stream.uid = uid;
+ lkm.u.stream.gid = gid;
strncpy(lkm.u.stream.path_name, stream->pathname, PATH_MAX - 1);
lkm.u.stream.path_name[PATH_MAX - 1] = '\0';
DBG("Sending stream %d to consumer", lkm.u.stream.stream_key);
lkm.u.stream.state = LTTNG_CONSUMER_ACTIVE_STREAM;
lkm.u.stream.output = DEFAULT_KERNEL_CHANNEL_OUTPUT;
lkm.u.stream.mmap_len = 0; /* for kernel */
+ lkm.u.stream.uid = session->uid;
+ lkm.u.stream.gid = session->gid;
strncpy(lkm.u.stream.path_name, session->metadata->pathname, PATH_MAX - 1);
lkm.u.stream.path_name[PATH_MAX - 1] = '\0';
DBG("Sending metadata stream %d to consumer", lkm.u.stream.stream_key);
}
cds_list_for_each_entry(chan, &session->channel_list.head, list) {
- ret = send_kconsumer_channel_streams(consumer_data, sock, chan);
+ ret = send_kconsumer_channel_streams(consumer_data, sock, chan,
+ session->uid, session->gid);
if (ret < 0) {
goto error;
}
*/
if (session->kernel_session->consumer_fds_sent == 1) {
ret = send_kconsumer_channel_streams(consumer_data,
- session->kernel_session->consumer_fd, channel);
+ session->kernel_session->consumer_fd, channel,
+ session->uid, session->gid);
if (ret < 0) {
goto error;
}
int ret;
char *type = "debugfs";
- ret = mkdir_recursive(path, S_IRWXU | S_IRWXG, geteuid(), getegid());
+ ret = mkdir_recursive_run_as(path, S_IRWXU | S_IRWXG, geteuid(), getegid());
if (ret < 0) {
PERROR("Cannot create debugfs path");
goto error;
* Create an UST session and add it to the session ust list.
*/
static int create_ust_session(struct ltt_session *session,
- struct lttng_domain *domain, struct ucred *creds)
+ struct lttng_domain *domain)
{
- int ret;
- unsigned int sess_uid;
- gid_t gid;
struct ltt_ust_session *lus = NULL;
+ int ret;
switch (domain->type) {
case LTTNG_DOMAIN_UST:
DBG("Creating UST session");
- sess_uid = session->uid;
- lus = trace_ust_create_session(session->path, sess_uid, domain);
+ lus = trace_ust_create_session(session->path, session->id, domain);
if (lus == NULL) {
ret = LTTCOMM_UST_SESS_FAIL;
goto error;
}
- /*
- * Get the right group ID. To use the tracing group, the daemon must be
- * running with root credentials or else it's the user GID used.
- */
- gid = allowed_group();
- if (gid < 0 || !is_root) {
- gid = creds->gid;
- }
-
- ret = mkdir_recursive(lus->pathname, S_IRWXU | S_IRWXG, creds->uid, gid);
+ ret = mkdir_recursive_run_as(lus->pathname, S_IRWXU | S_IRWXG,
+ session->uid, session->gid);
if (ret < 0) {
if (ret != -EEXIST) {
ERR("Trace directory creation error");
ERR("Unknown UST domain on create session %d", domain->type);
goto error;
}
+ lus->uid = session->uid;
+ lus->gid = session->gid;
session->ust_session = lus;
return LTTCOMM_OK;
/*
* Create a kernel tracer session then create the default channel.
*/
-static int create_kernel_session(struct ltt_session *session,
- struct ucred *creds)
+static int create_kernel_session(struct ltt_session *session)
{
int ret;
- gid_t gid;
DBG("Creating kernel session");
session->kernel_session->consumer_fd = kconsumer_data.cmd_sock;
}
- gid = allowed_group();
- if (gid < 0) {
- /*
- * Use GID 0 has a fallback since kernel session is only allowed under
- * root or the gid of the calling user
- */
- is_root ? (gid = 0) : (gid = creds->gid);
- }
-
- ret = mkdir_recursive(session->kernel_session->trace_path,
- S_IRWXU | S_IRWXG, creds->uid, gid);
+ ret = mkdir_recursive_run_as(session->kernel_session->trace_path,
+ S_IRWXU | S_IRWXG, session->uid, session->gid);
if (ret < 0) {
if (ret != -EEXIST) {
ERR("Trace directory creation error");
goto error;
}
}
+ session->kernel_session->uid = session->uid;
+ session->kernel_session->gid = session->gid;
error:
return ret;
/*
* Command LTTNG_CREATE_SESSION processed by the client thread.
*/
-static int cmd_create_session(char *name, char *path)
+static int cmd_create_session(char *name, char *path, struct ucred *creds)
{
int ret;
- ret = session_create(name, path);
+ ret = session_create(name, path, creds->uid, creds->gid);
if (ret != LTTCOMM_OK) {
goto error;
}
/* Need a session for kernel command */
if (need_tracing_session) {
if (cmd_ctx->session->kernel_session == NULL) {
- ret = create_kernel_session(cmd_ctx->session, &cmd_ctx->creds);
+ ret = create_kernel_session(cmd_ctx->session);
if (ret < 0) {
ret = LTTCOMM_KERN_SESS_FAIL;
goto error;
if (need_tracing_session) {
if (cmd_ctx->session->ust_session == NULL) {
ret = create_ust_session(cmd_ctx->session,
- &cmd_ctx->lsm->domain, &cmd_ctx->creds);
+ &cmd_ctx->lsm->domain);
if (ret != LTTCOMM_OK) {
goto error;
}
case LTTNG_CREATE_SESSION:
{
ret = cmd_create_session(cmd_ctx->lsm->session.name,
- cmd_ctx->lsm->session.path);
+ cmd_ctx->lsm->session.path, &cmd_ctx->creds);
break;
}
case LTTNG_DESTROY_SESSION: