dtrace in jail

byrnejb

byrnejb

How must a jail be configured to use dtrace? When I try to list the probes I get a no device error:

Code: 
[root@smb4-2 ~ (master)]# kldstat | grep dtrace
26    1 0xffffffff82ec1000      2ea dtraceall.ko
27    9 0xffffffff82ec2000    3cee0 dtrace.ko

[root@smb4-2 ~ (master)]# dtrace -l | more
dtrace: failed to initialize dtrace: DTrace device not available on system
 
I used dwatch(1) to observe what files dtrace tried to open within the jail.

On the host:

Code: 
dwatch -j myjail -X open

Within the jail:

Code: 
dtrace -l

The output I got from dwatch was along the lines of:

Code: 
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/dtrace
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/profile
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/syscall
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/syscall
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/pf
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/vmm
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/iwlwifi
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/linuxulator32
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/linuxulator
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/ice_fwlog

So I decided to unhide dtrace* devices by issuing the following commands from the host:

Code: 
devfs -m /jails/myjail/dev rule apply path dtrace* unhide
devfs -m /jails/myjail/dev rule apply path dtrace/* unhide

As a result, commands like dtrace -n 'pid$target:::' -c 'true' started to work in the jail.
 
Don't really know where to put this, so "Emulation and virtualization" for now (it's about jails). Might move it later to "Userland and Scripting" or "FreeBSD Development" depending on how the thread progresses.
 
Also for some probes you will need to copy `/boot/kernel` into jail (or mount `/boot/kernel` directory from host to jail via `nullfs`). It contains CTF data/info which DTRACE can use.
 
  • Thanks
Reactions: 0mp
Thanks, Ole!

I added the following nullfs(5) mount to my jail's fstab (i.e., the fstab(5) file pointed to by the mount.fstab jail(8) variable):

Code: 
/boot/kernel /jails/myjail/boot/kernel    nullfs  ro      0       0

As a result, commands like dwatch -X open work without an issue within the jail.
 
You must log in or register to reply here.
Back
Top