Comments (6)
Scenario: running the rules --add command on the host, targeting processes on the host and child containers
No config supplied
- rules file correct (matches default)
- attached procs on host correct (matches default)
- attached procs in containers correct (matches default)
Pipe a config file to stdin
- rules file correct (matches piped in config)
- attached procs on host correct (matches piped in config)
- attached procs in containers correct (matches piped in config)
Pass a path to a config file to --userconfig [file]
- rules file correct (matches provided config)
- attached procs on host correct (matches provided config)
- attached procs in containers correct (matches provided config)
Use flags to set things like metricdest, eventdest, etc.
- rules file correct (matches supplied args)
- attached procs on host correct (matches supplied args)
- attached procs in containers correct (matches supplied args)
from appscope.
after performing a scope inspect
, the config in the attached processes do not match the rules file.
repro:
top
sudo ./scope rules --add top # attaches to top and installs scope_rules file
scope inspect # see incorrect config (not the default config)
sudo scope rules # see correct config (default config)
we are putting a config in the rules
session directory and the contents are correct
we are adding SCOPE_CONF_PATH to env
and it is set to the correct path
it's expected that the loader can see the env var, then writes all SCOPE_ env vars to shared memory, then the constructor reads it on attach.
- is the loader cmdAttach seeing this env var?
- is the library constructor seeing this env var?
from appscope.
something strange is happening.
if i run top
then sudo ./scope attach top
, the config looks correct (default config).
but when i follow the steps in the previous comment (which is essentially doing the same thing; attaching to top), the config is wrong
from appscope.
i noticed that when attach is run, we create a session directory in /tmp, then create a symlink from /root/.scope/history to that.
i noticed that when rules is run, we create a session directory in the /root/.scope/history dir directly.
in both cases, the config in those directories is accurate. but it is not getting read into the process in the rules
case.
is this something to do with it?
i can imagine that the top
process cannot get permission to read the config file from the root directory.
from appscope.
ok, for the rules command i now create a /tmp directory and then create a symlink from /root/.scope/history to that.
this solved the problem of config not getting respected on attach.
PR: #1569
from appscope.
Scenario: running the rules --add command on in a container, targeting processes on the host and child containers
No config supplied
- rules file correct (matches default)
- attached procs on host correct (matches default)
- attached procs in containers correct (matches default)
Pipe a config file to stdin
- rules file correct (matches piped in config)
- attached procs on host correct (matches piped in config)
- attached procs in containers correct (matches piped in config)
Pass a path to a config file to --userconfig [file]
- rules file correct (matches provided config)
- attached procs on host correct (matches provided config)
- attached procs in containers correct (matches provided config)
Use flags to set things like metricdest, eventdest, etc.
- rules file correct (matches supplied args)
- attached procs on host correct (matches supplied args)
- attached procs in containers correct (matches supplied args)
from appscope.
Related Issues (20)
- Mount the socket dir not the socket file
- ld.so.preload and scope in the PATH HOT 1
- Go build error with ld.so.preload enabled HOT 2
- top on Fedora error HOT 1
- scope attach --inspect <pid> from container to host can return error when successful HOT 1
- Warning when scoping an an application that has the s bit set
- Use symbolic link to avoid two appscope libraries in one process
- [Bug]: Missing payload (request) using `host` app HOT 1
- Timeouts seen with appscope/edge integration HOT 2
- DNS tunelling/exfiltration POC HOT 3
- File system obfuscation
- Add support for sending the payloads using event channel HOT 3
- LD_PRELOAD is not set in some cases when exec'ing into a container that was started after a scope rule was added
- Unable to exec into container after re-adding a scope rule HOT 4
- Connection Graph HOT 1
- [Bug]: Sending payloads with cribl/event transport type - inconsistency with channel type
- Memory Snapshot on Command HOT 1
- Attempt to mount non-existent directory from host into container HOT 2
- Updates needed to CI
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from appscope.