Sponsored Links

Sabtu, 25 November 2017

Sponsored Links

13 Linux: Capture Password from PAM using SystemTap - YouTube
src: i.ytimg.com

In computing, SystemTap (stap) is a scripting language and tool for dynamically instrumenting running production Linux kernel-based operating systems. System administrators can use SystemTap to extract, filter and summarize data in order to enable diagnosis of complex performance or functional problems.

SystemTap consists of free and open-source software and includes contributions from Red Hat, IBM, Intel, Hitachi, Oracle, and other community members.


Video SystemTap



History

SystemTap debuted in 2005 in Red Hat Enterprise Linux 4 Update 2 as a technology preview.

After four years in development, SystemTap 1.0 was released in 2009.

As of 2011 SystemTap runs fully supported in all Linux distributions including RHEL / CentOS 5 since update 2, SLES 10, Fedora, Debian and Ubuntu.

Tracepoints in the CPython VM and JVM were added in SystemTap 1.2.


Maps SystemTap



Usage

SystemTap files are written in the SystemTap language (saved as .stp files) and run with the stap command-line. The system carries out a number of analysis passes on the script before allowing it to run. Scripts may be executed with one of three backends selected by the --runtime= option. The default is a loadable kernel module, which has the fullest capability to inspect and manipulate any part of the system, and therefore requires most privilege. Another backend is based on the dynamic program analysis library DynInst to instrument the user's own user-space programs only, and requires least privilege. The newest backend is based on eBPF byte-code, is limited the Linux kernel interpreter's capabilities, and requires an intermediate level of privilege. In each case, the module is unloaded when the script has finished running.

Scripts generally focus on events (such as starting or finishing a script), compiled-in probe points such as Linux "tracepoints", or the execution of functions or statements in the kernel or user-space.

Some "guru mode" scripts may also have embedded C, which may run with the -g command-line option. However, use of guru mode is discouraged, and each SystemTap release includes more probe points designed to remove the need for guru-mode scripts. Guru mode is required in order to permit scripts to modify state in the instrumented software, such as to apply some types of emergency security fixes.

As of systemtap release 1.7 the software implements the new stapsys group and privilege level.


RHEL Developers: RHEL SystemTap Overview - YouTube
src: i.ytimg.com


Simple examples

The following script shows all applications setting TCP socket options on the system, what options are being set, and whether the option is set successfully or not:

Many other examples are shipped with SystemTap. There are also real-world examples of SystemTap use at the War Stories page.


THE-LAB Dura Series Low TOC Type
src: www.thelab-instrument.com


Importing scripts from other tracing technologies

SystemTap can attach to DTrace markers when they are compiled into an application using macros from the sys/sdt.h header file.


TAP Urethane RTV Mold-Making System : TAP Plastics
src: www.tapplastics.com


See also

  • Kernel marker
  • DProbes
  • LTTng
  • strace
  • ProbeVue

THE-LAB Dura Series Standard Type
src: www.thelab-instrument.com


References


TAP Silicone RTV Mold-Making System : TAP Plastics
src: www.tapplastics.com


External links

  • SystemTap Homepage
  • SystemTap Wiki
  • SystemTap Language Reference (PDF)
  • SystemTap project analysis by Ohloh
  • Dynamic Tracing with DTrace & SystemTap
  • Systemtap tutorial Frank Ch. Eigler
  • SystemTap Beginner's Guide Don Domingo, William Cohen
  • Problem Solving With Systemtap, Ottawa Linux Symposium 2006
  • Problem Solving with SystemTap, Eugene Teo, presented at the Red Hat Summit 2007 (scripts)
  • Dynamic Tracing and Performance Analysis Using SystemTap, Joshua Stone, presented at the LinuxWorld Conference 2008
  • SystemTap Tutorial, Jim Keniston, presented at the Linux Plumbers Conference 2008

Source of the article : Wikipedia

Comments
0 Comments