Hi Bill,
I don't have the context about gha-runner to answer regarding their use
of LTTng.
I can however, give a bit of context about how the those shared memory
allocations are used within the scope of LTTng.
These shared memory sections are used for presence/absence notifications
between lttng-sessiond and applications instrumented with LTTng-UST.
`lttng-ust-wait-8` is intended to be used for applications that are
running as root, or those run as non-root users that are members of the
tracing group (if configured).
`lttng-ust-wait-8-NNN` is used for non-root instrumented applications
where NNN is the UID of the user.
When either lttng-sessiond or an application instrumented with lttng-ust
starts, the shared memory sections will be allocated. There is special
treatment for `lttng-ust-wait-8` since it may be used to notify non-root
applications that are run by users that are members of the tracing
group. In that case, it is created with an extended mode[1], as you are
observing. Those permissions are updated when there is a root
lttng-sessiond that starts and opens or creates a shared memory section
at the same path[2].
On 3/10/25 10:12 AM, bill robertson via lttng-dev wrote:
GHA runners appear to use lttng-ust for some sort of IPC between runners on
the same machine.
$ ll /dev/shm/
-rw-rw-rw- 1 gha-runner-7 gha-runner-7 4096 Feb 20 04:03 lttng-ust-wait-8
-rw-r----- 1 gha-runner-8 gha-runner-8 4096 Feb 20 04:03 lttng-ust-wait-8-558
-rw-r----- 1 gha-runner-7 gha-runner-7 4096 Feb 20 04:03 lttng-ust-wait-8-559
-rw-r----- 1 gha-runner-6 gha-runner-6 4096 Feb 20 04:03 lttng-ust-wait-8-560
-rw-r----- 1 gha-runner-5 gha-runner-5 4096 Feb 20 04:03 lttng-ust-wait-8-561
-rw-r----- 1 gha-runner-4 gha-runner-4 4096 Feb 20 04:03 lttng-ust-wait-8-562
-rw-r----- 1 gha-runner-3 gha-runner-3 4096 Feb 20 04:03 lttng-ust-wait-8-563
-rw-r----- 1 gha-runner-2 gha-runner-2 4096 Feb 20 04:03 lttng-ust-wait-8-564
-rw-r----- 1 gha-runner-1 gha-runner-1 4096 Feb 20 04:03 lttng-ust-wait-8-565
I assume that this is their code, and not some configuration issue on the
host machine, but if this may not be the case, can someone explain what can
be done or point me to information on the subject?
Could you clarify what you are trying to achieve?
Otherwise, is there some sort of environment variable or other setting that
lttng will reference when creating this shared memory section such that it
is not world-writable? All of the runners run under user accounts that are
in a common group.
In LTTng-UST 2.14+, setting `LTTNG_UST_APP_PATH`[3] will disable
connections to root (global) lttng-sessionds for instrumented applications.
Thanks!
Bill
[1]:
https://github.com/lttng/lttng-ust/blob/ce89cb05f0fc02b68396220815070996fa0bb4a5/src/lib/lttng-ust/lttng-ust-comm.c#L1705
[2]:
https://github.com/lttng/lttng-tools/blob/e995b146f3456dd51fd76288db6dae9efdbce592/src/common/shm.cpp#L118
[3]:
https://github.com/lttng/lttng-ust/blob/ce89cb05f0fc02b68396220815070996fa0bb4a5/src/lib/lttng-ust/lttng-ust-comm.c#L611C9-L611C27
