Go Directly To
Oracle Technology Network Community
My Oracle Support Community
OPN Cloud Connection
Oracle Employee Community
Oracle User Group Community
OTN Speaker Bureau
Get Started Guide
Join the world’s largest interactive community dedicated to Oracle technologies.
Learn from thousands of community experts
Get answers to your technical questions
Share your knowledge with peers
Please enter a title.
You can not post a blank message. Please type your message and try again.
Server & Storage Systems
This discussion is archived
on Jun 25, 2012 4:05 PM by 945658
D-Trace - Solaris zone
Jun 25, 2012 4:05 PM
We have configured a Solaris zone to enable D-Trace functionality.
OS: SunOS vmsdev21dtrace1 5.10 Generic_147440-01 sun4v sparc SUNW,SPARC-Enterprise-T5220
We have been using D-Trace to monitor user activity (directory/file access..) on several Solaris 10 based servers, which consist of Global Solaris Zone servers.
D-Trace works perfectly when run on the Global Zone servers however, it runs into several problems when run in Solaris Zone containers.
The problem we are experiencing when D-Trace is run in a Solaris zone is that the built in D-Trace macro “cwd” fails to execute as expected; throwing the following error:
dtrace: error on enabled probe ID 3 (ID 4569: syscall::open64:return): invalid kernel access in action #2 at DIF offset 0
To put the error message into context, I have included the following code snippet:
arg0 > 0
uid == trace_uid_0 && execname != "bash"
printf("File READ: %s\n",this->file);
As can be seen I am simply doing a printf ‘cwd’ to detect whenever a user reads a file in the syscall::open64:return call.
Once the printf("CWD: %s",cwd); line is removed from the code, the D-Trace script works as expected.
Taking all this into account; is this is a bug in D-Trace or due to the fact that we are trying to get it to run in a virtualized platform ?
Furthermore, is there a workaround we could try to capture the CWD, bearing in mind the number of providers within a Solaris Zone we have to work with is limited.
I have the same question
Show 0 Likes
This content has been marked as final.
Show 0 replies