draios / sysdig

Linux system exploration and troubleshooting tool with first class support for containers
http://www.sysdig.com/

sysdig doesn't work on my archlinux #820

Closed ZWindL closed 7 years ago

ZWindL commented 7 years ago

I'm using Arch with testing open. Kernel version: Linux zwindl 4.10.13-1-zen #1 ZEN SMP PREEMPT Thu Apr 27 18:51:46 UTC 2017 x86_64 GNU/Linux

It shows 'error creating the process list. Make sure you have root credentials.' when I run sysdig in a shell, even though I'm logged in as root, or when I run it directly.

What info should I provide to find the reason? Thanks a lot.

ketank-new commented 7 years ago

If you are facing issues related to executing the sysdig binary, then please refer to the link below and to some examples that can help you use sysdig: https://github.com/draios/sysdig/wiki/Sysdig-Examples

In case you are facing issues building sysdig from source on an x86 platform, then please use the link below to build sysdig: https://github.com/draios/sysdig/wiki/How-to-Install-Sysdig-from-the-Source-Code

ZWindL commented 7 years ago

@ketank-new Thanks a lot, though it didn't help. I'm trying to read the source code to understand why I can't run it correctly.

ketank-new commented 7 years ago

@ZWindL: can you share your steps? Maybe I can help. I have managed to use it on a big-endian platform as well as x86.

ZWindL commented 7 years ago

@ketank-new I just installed the newest version of sysdig on my Arch Linux with pacman. It doesn't work whether I'm using root or other users. I tried to install it from source code, but my RAM is too small, it's only 4GB, so I failed several times and gave up.

ketank-new commented 7 years ago

@ZWindL: could you paste the logs? That will help me understand the problem better.

ZWindL commented 7 years ago

@ketank-new OK, thanks for your help.

That's the dmesg output:

[  211.654193] sysdig_probe: driver loading, sysdig-probe 0.16.0
[  211.655310] sysdig_probe: adding new consumer ffff8800a7fe0e40
[  211.655340] sysdig_probe: initializing ring buffer for CPU 0
[  211.660128] sysdig_probe: CPU buffer initialized, size=8388608
[  211.660131] sysdig_probe: initializing ring buffer for CPU 1
[  211.664742] sysdig_probe: CPU buffer initialized, size=8388608
[  211.664744] sysdig_probe: initializing ring buffer for CPU 2
[  211.669362] sysdig_probe: CPU buffer initialized, size=8388608
[  211.669364] sysdig_probe: initializing ring buffer for CPU 3
[  211.673891] sysdig_probe: CPU buffer initialized, size=8388608
[  211.673894] sysdig_probe: starting capture
[  211.677447] sysdig_probe: deallocating consumer ffff8800a7fe0e40
[  211.691907] sysdig_probe: no more consumers, stopping capture

And this is the journalctl -xe output:

5月 15 21:36:52 zwindl kernel: xhci_hcd 0000:00:14.0: WARN Event TRB for slot 1 ep 4 with no TDs queued?
5月 15 21:36:52 zwindl fprintd[4570]: identify_cb: result verify-match (1)
5月 15 21:36:52 zwindl kernel: xhci_hcd 0000:00:14.0: WARN Event TRB for slot 1 ep 4 with no TDs queued?
5月 15 21:36:52 zwindl fprintd[4570]: no longer monitoring fd 15
5月 15 21:36:52 zwindl fprintd[4570]: released device 0
5月 15 21:36:52 zwindl sudo[4569]:   zwindl : TTY=pts/1 ; PWD=/home/zwindl ; USER=root ; COMMAND=/usr/bin/sysdig
5月 15 21:36:52 zwindl sudo[4569]: pam_unix(sudo:session): session opened for user root by (uid=0)
5月 15 21:36:52 zwindl kernel: sysdig_probe: adding new consumer ffff88009f5c1c80
5月 15 21:36:52 zwindl kernel: sysdig_probe: initializing ring buffer for CPU 0
5月 15 21:36:52 zwindl kernel: sysdig_probe: CPU buffer initialized, size=8388608
5月 15 21:36:52 zwindl kernel: sysdig_probe: initializing ring buffer for CPU 1
5月 15 21:36:52 zwindl kernel: sysdig_probe: CPU buffer initialized, size=8388608
5月 15 21:36:52 zwindl kernel: sysdig_probe: initializing ring buffer for CPU 2
5月 15 21:36:52 zwindl kernel: sysdig_probe: CPU buffer initialized, size=8388608
5月 15 21:36:52 zwindl kernel: sysdig_probe: initializing ring buffer for CPU 3
5月 15 21:36:52 zwindl kernel: sysdig_probe: CPU buffer initialized, size=8388608
5月 15 21:36:52 zwindl kernel: sysdig_probe: starting capture
5月 15 21:36:52 zwindl kernel: sysdig_probe: deallocating consumer ffff88009f5c1c80
5月 15 21:36:52 zwindl kernel: sysdig_probe: no more consumers, stopping capture
5月 15 21:36:52 zwindl kernel: sysdig_probe: adding new consumer ffff88009f5c1c80
5月 15 21:36:52 zwindl kernel: sysdig_probe: initializing ring buffer for CPU 0
5月 15 21:36:52 zwindl kernel: sysdig_probe: CPU buffer initialized, size=8388608
5月 15 21:36:52 zwindl kernel: sysdig_probe: initializing ring buffer for CPU 1
5月 15 21:36:52 zwindl kernel: sysdig_probe: CPU buffer initialized, size=8388608
5月 15 21:36:52 zwindl kernel: sysdig_probe: initializing ring buffer for CPU 2
5月 15 21:36:52 zwindl kernel: sysdig_probe: CPU buffer initialized, size=8388608
5月 15 21:36:52 zwindl kernel: sysdig_probe: initializing ring buffer for CPU 3
5月 15 21:36:52 zwindl kernel: sysdig_probe: CPU buffer initialized, size=8388608
5月 15 21:36:52 zwindl kernel: sysdig_probe: starting capture
5月 15 21:36:52 zwindl kernel: sysdig_probe: deallocating consumer ffff88009f5c1c80
5月 15 21:36:52 zwindl kernel: sysdig_probe: no more consumers, stopping capture
5月 15 21:36:52 zwindl sudo[4569]: pam_unix(sudo:session): session closed for user root
lines 1082-1113/1113 (END)

When I run it directly as a non-root user, it just prints 'error opening device /dev/sysdig0. Make sure you have root credentials and that the sysdig-probe module is loaded.' But when I change to root with su or just run sudo sysdig, it still prints 'error creating the process list. Make sure you have root credentials.'

It confuses me. What should I provide besides these logs?

luca3m commented 7 years ago

Hi, can you try the branch I just pushed (#835)? I believe it will fix your problem.

ZWindL commented 7 years ago

@luca3m OK, thanks a lot, I'm trying.

ZWindL commented 7 years ago

@luca3m It works! Thanks a lot, awesome!