Bug 518470 - scripts executed as stapusr don't run
scripts executed as stapusr don't run
Product: Fedora
Classification: Fedora
Component: systemtap (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Frank Ch. Eigler
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-08-20 10:24 EDT by Marcela Mašláňová
Modified: 2009-08-21 03:08 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-08-21 03:08:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Marcela Mašláňová 2009-08-20 10:24:50 EDT
Description of problem:
ERROR: You are trying to run stap as a normal user.
You should either be root, or be part of either group "stapdev" or group "stapusr".

Version-Release number of selected component (if applicable):

How reproducible:
Run your systemtap script as a user who is in group stapusr and stapdev.

Am I doing something wrong or I must execute scripts only as root?
Comment 1 Frank Ch. Eigler 2009-08-20 10:30:07 EDT
Marcela, the "stapusr" privilege only permits precompiled scripts
to be run.  That is, the sysadmin must compile (stap -p4) and
install (cp FOO.ko /lib/modules/`uname -r`/systemtap) each script
that is supposed to be run by stapusr prileges.

The "stapdev" privilege is not so limited, and should permit
arbitrary script compilation/execution.

Please double-check that your group assignments are effective
(run "id"), and that nothing is interfering with the setuid
nature of /usr/bin/staprun (check selinux logs perhaps?).
Comment 2 Mark Wielaard 2009-08-20 11:01:58 EDT
(In reply to comment #0)
> Run your systemtap script as a user who is in group stapusr and stapdev.
> /etc/group
> user:x:500:stapdev,stapusr

Please double check your group settings.
The above says that stapdev and stapusr are members of group user.
You want the opposite, user should be part of group stapdev
Comment 3 Marcela Mašláňová 2009-08-21 03:08:57 EDT
Um, thank you for your kind reply. Definitely notabug.

Note You need to log in before you can comment on or make changes to this bug.