Hi,
I am trying to get user space tracing working for an application running in a docker container. I am running lttng session daemon in another container. I mounted the unix socket locations (either /var/run/lttng for root or $HOME/.lttng for another user). By doing that I can run commands like lttng create or lttng list <session-name>, but the tracepoint events from the application don't get registered and there is no trace output.
I enabled LTTNG_UST_DEBUG an ran lttng-sessiond in verbose mode (-vvv and --verbose-consumer) and got the following error message:
"Unix socket credential pid=0. Refusing application in distinct, non-nested pid namespace."
It appears that for some calls to the session daemon there is a getsockopt syscall made with SO_PEERCRED which returns 0 for pid and the call is failed with LTTNG_UST_ERR_PEERCRED_PID error (see get_cred call in ustctl.c).
If I comment out the getsockopt call, my application tracing starts to work.
From what I found, docker cannot support getsockopt/SO_PEERCRED call to get peer pid on the unix socket which would make sense as it's in a separate namespace.
I have a few questions on this:
1. What is the reason for the get_cred/getsockopt call with SO_PEERCRED? I would like to understand why it's required for some and not other calls.
2. Is there any workaround for this problem, so that I can get this to work with the container topology I am working with (app in one container and lttng daemons in another).
3. Related to 2, are there any gotchas to bypassing the getsockopt call in get_cred?
Appreciate your help regarding this.
Thanks,
Eqbal