Add support for waiting using netlink #10
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit adds another method of waiting for a process to finish, using the netfilter connector from the Linux kernel.
This commit adds an option to choose the method to be used for waiting, either ptrace or netlink. It also adds a help option that displays a moderately detailed help message.
This commit adds code to the CMakeLists file to enable both cap_sys_ptrace and cap_net_admin when the program is installed. However it changes from the previous version in that it only adds the capabilities to the permitted set, not the effective set. This is so that you can run pwait as a non-root user and use e.g. the ptrace method without acquiring cap_net_admin, if you have some reason to think a process with cap_net_admin would cause problems, and vice versa. (I can't really think of a situation where this helps anything, but why not.)
This commit adds code to the CMakeLists file to enable both cap_sys_ptrace and cap_net_admin when the program is being tested, just like the last commit did when the program was installed.
This makes it easy to run all the tests multiple times under different configurations.
I configured the test script to accept an environment variable that specifies the backend method, and created two test targets in CMake for the two methods, netlink and ptrace. This way each method appears as a separate test.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds another method of waiting for a process to finish, using the netlink IPC system in the Linux kernel.
I've made this new method the default since it's less invasive than ptrace (the preexisting method). ptrace requires attaching to the process being traced, which can only be done by one tracing process at a time, so for example it'd be impossible to pwait for a process that's being debugged or debug a process that is being pwaited for, or to run two separate instances of pwait with the same target process. On the other hand, the netlink approach should not have any of these limitations. (Though I haven't tested that.)