-
-
Notifications
You must be signed in to change notification settings - Fork 74
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Need help] run bpf programs as non root user with bpftime #353
Comments
Root is not necessary for uprobe/uretprobe/usdt |
You nay try grant the Actually both of them can run in unprivileged containers, e.g. you can try github codespace. |
Thanks for pointing out the problem! We will provide a document for all the permission related questions. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In our current product, we execute BPF programs without needing
sudo
by usingsetcap
to grant the necessary capabilities to the executable (specifically, we setbpf_cap
before running the BPF program).setcap CAP_BPF,CAP_SYS_RESOURCE,CAP_PERFMON=+eip tracer
How can we achieve the same functionality with
bpftime
?Are there instances where we must run
bpftime
withsudo
?Modes of Running
bpftime
To attach to it:
LD_PRELOAD
directly.Questions:
sudo
necessary in the first method? Is it required?sudo
—is this mandatory?Could you clarify in which cases we need to use
sudo
and which cases do not require it?We would prefer to avoid using
sudo
with BPF programs and run them as non-root. Is it possible to use the attach method withoutsudo
?The text was updated successfully, but these errors were encountered: