[Bug 483543] Review Request: systemtapguiserver
bugzilla at redhat.com
bugzilla at redhat.com
Wed Apr 1 04:09:28 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=483543
--- Comment #14 from William Cohen <wcohen at redhat.com> 2009-04-01 00:09:26 EDT ---
Started playing with the systemtapgui-server (and finally got it to work).
The instructions are not clear but the current code needs to be run as root. It
then figures out user from packet information and su to that user. It would be
much better if people could run it as normal user for the case where the
eclipse and the server are run by the same user.
There are a couple questionable cases in
datamanager.cpp:DataManager::execStap():
case (SHELL): allows executing arbitary script (as root this seems like a bad
idea). what would prevent someone from using this to just connect and run
arbitrary commands.
cases (BLUEDYE): mentions a package (Bluedye) that doesn't appear to be
available in fedora
Why scp the file to the server machine? why not send it to the stapgui-server
with the command and run with stap -e 'script...'? Currently, the plugin stores
the password in plantext in a possibly world readable file. Also the current
checks in the plugin do not seem to notice if the transfer failed (due to
missing password).
The compile server does compile code, but it doesn't perform the other aspects
of systemtapgui server such as execute the script and collect stdout/stderr.
Could systemtapgui be stripped down just to use staprun to run a compiled
script? Make it possible to run systemtap scripts on stripped down machines.
This would be useful for cases of running code on compute nodes in a cluster.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the Fedora-package-review
mailing list