> If I comment out the getsockopt call, my application tracing starts to work.

Correction on the above, I meant I comment out the check for pid being non-zero in the get_cred call, not the whole getsockopt call.

diff --git a/liblttng-ust-ctl/ustctl.c b/liblttng-ust-ctl/ustctl.c index 39860ebf..96aeef3c 100644 --- a/liblttng-ust-ctl/ustctl.c +++ b/liblttng-ust-ctl/ustctl.c 
@@ -1825,10 +1825,10 @@ int get_cred(int sock, "application registered claiming [ pid: %u, ppid: %u, uid: %u, gid: %u ]", ucred.pid, ucred.uid, ucred.gid, reg_msg->pid, reg_msg->ppid, reg_msg->uid, reg_msg->gid); - if (!ucred.pid) { - ERR("Unix socket credential pid=0. Refusing application in distinct, non-nested pid namespace."); - return -LTTNG_UST_ERR_PEERCRED_PID; - } + // if (!ucred.pid) { + // ERR("Unix socket credential pid=0. Refusing application in distinct, non-nested pid namespace."); + // return -LTTNG_UST_ERR_PEERCRED_PID; + // } *pid = ucred.pid; *uid = ucred.uid; *gid = ucred.gid;

On Mon, Apr 5, 2021 at 11:09 AM Eqbal wrote:

> Hi,
>
> I am trying to get user space tracing working for an application running
> in a docker container. I am running lttng session daemon in another
> container. I mounted the unix socket locations (either /var/run/lttng for
> root or $HOME/.lttng for another user). By doing that I can run commands
> like lttng create or lttng list, but the tracepoint events
> from the application don't get registered and there is no trace output.
>
> I enabled LTTNG_UST_DEBUG and ran lttng-sessiond in verbose mode (-vvv and
> --verbose-consumer) and got the following error message:
>
> "*Unix socket credential pid=0. Refusing application in distinct,
> non-nested pid namespace.*"
>
> It appears that for some calls to the session daemon there is a getsockopt
> syscall made with *SO_PEERCRED* which returns 0 for pid and the call is
> failed with *LTTNG_UST_ERR_PEERCRED_PID* error (see get_cred call in
> ustctl.c).
>
> If I comment out the getsockopt call, my application tracing starts to
> work.
>
> From what I found, docker cannot support getsockopt/SO_PEERCRED call to
> get peer pid on the unix socket which would make sense as it's in a
> separate namespace.
>
> I have a few questions on this:
> 1. What is the reason for the get_cred/getsockopt call with SO_PEERCRED? I
> would like to understand why it's required for some and not other calls.
> 2. Is there any workaround for this problem, so that I can get this to
> work with the container topology I am working with (app in one container
> and lttng daemons in another).
> 3. Related to 2, are there any gotchas to bypassing the getsockopt call in
> get_cred?
>
> Appreciate your help regarding this.
>
> Thanks,
> Eqbal
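
Review bot: With the `if (!ucred.pid)` guard commented out, the `*pid = ucred.pid;` that follows hands pid 0 to the caller for every peer in a distinct, non-nested pid namespace, so all such applications register under the same pid and cannot be told apart afterwards. If accepting these peers is intended, make it an explicit opt-in path that logs the event and records the pid as unknown; `reg_msg->pid` is visible in the context line, but it is only the application's own claim and should not silently stand in for the kernel-reported value. Otherwise keep returning `-LTTNG_UST_ERR_PEERCRED_PID`. In either case, delete the lines rather than leaving them behind `//` comments.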