Quoting Robert Watson <rwat...@freebsd.org> (from Thu, 26 Feb 2009
10:57:13 +0000 (GMT)):
On Thu, 26 Feb 2009, Robert Watson wrote:
Log:
Add static tracing for privilege checking:
priv:kernel:priv_check:priv_ok fires for granted privileges
priv:kernel:priv_check:priv_errr fires for denied privileges
The first argument is the requested privilege number. The naming
convention is a little different from the OpenSolaris equivilent
because we can't have '-' in probefunc names, and our privilege
namespace is different.
A typical tracing command might be:
dtrace -n 'priv:::priv_ok { trace(execname); trace(arg0);}'
arg0 requires manual interpretation using /usr/include/sys/priv.h.
Theoretically it is possible to write a little script which takes
priv.h and generates a little bit of dtrace stuff which allows to
print out strings instead of numbers. But I think this is a matter of
motivation...
I would also use printf("program: %s, priv: $d\n", execname, arg0) or
something similar with printf, but this is cosmetics.
Should we create a repository of dtrace scripts in /usr/share or
wherever? For the linuxulator I have several scripts in my
linuxulator-dtrace branch (some more, some less useful for
non-developers).
Bye,
Alexander.
--
Never trust anybody whose arm is bigger than your leg.
http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
