search

evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
GNU General Public License v3.0
10.74k stars 498 forks source link

Error while enabling event sched_process_exit #187

Closed b3taman closed 3 years ago

b3taman commented 6 years ago

Firstly, well done on this. As a non-golang user I pretty much got everything installed, but ran into the above log file entry after trying to get it started by hand because of some systemctl wobble. Below screen scrape hopefully gives sufficient information.

Environment

someuser@somehost:~ $ uname -a
Linux somehost 4.15.0-1-amd64 #1 SMP Debian 4.15.4-1~mx17+1 (2018-02-23) x86_64 GNU/Linux

someuser@somehost:~ $ lsb_release -a
No LSB modules are available.
Distributor ID: MX
Description:    MX 17 Horizon
Release:    17
Codename:   Horizon

someuser@somehost:~ $ go version
go version go1.10.3 linux/amd64

someuser@somehost:~ $ go env
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/someuser/.cache/go-build"
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/home/someuser/gocode"
GORACE=""
GOROOT="/usr/local/go"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build682011611=/tmp/go-build -gno-record-gcc-switches"

someuser@somehost:~ $ echo $PATH | tr : \\n | grep gocode
/home/someuser/gocode/bin

After prerequisites, compile and make

someuser@somehost:~ $ sudo systemctl enable opensnitchd ; echo $?
0

someuser@somehost:~ $ sudo service opensnitchd start
opensnitchd: unrecognized service

someuser@somehost:~ $ sudo cat /etc/systemd/system/opensnitchd.service
[Unit]
Description=OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.
Documentation=https://github.com/evilsocket/opensnitch
Wants=network.target
After=network.target

[Service]
Type=simple
PermissionsStartOnly=true
ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules
ExecStart=/usr/local/bin/opensnitchd -log-file /var/log/opensnitchd.log -rules-path /etc/opensnitchd/rules -ui-socket unix:///tmp/osui.sock
Restart=always
RestartSec=30

[Install]
WantedBy=multi-user.target

someuser@somehost:~ $ sudo /usr/local/bin/opensnitchd -log-file /var/log/opensnitchd.log -rules-path /etc/opensnitchd/rules -ui-socket unix:///tmp/osui.sock ; echo $?
1

someuser@somehost:~ $ cat /var/log/opensnitchd.log
[2018-08-11 10:22:36]  IMP  Starting opensnitch-daemon v1.0.0b
[2018-08-11 10:22:36]  !!!  Error while enabling event sched_process_exit: open /sys/kernel/debug/tracing/events/sched/sched_process_exit/enable: no such file or directory

I'm happy to help in whatever way I can, given limited time though.

Thanks again.

Northern-Lights commented 6 years ago

I think first of all, the daemon must be run as a service, e.g. systemctl start opensnitchd.service (as root/sudo, of course.)

If it still doesn't work, do you see the following when running this as root:

# grep sched_process /sys/kernel/debug/tracing/available_events 
sched:sched_process_exec
sched:sched_process_fork
sched:sched_process_wait
sched:sched_process_exit
sched:sched_process_free

Also, what do you have in /sys/kernel/debug/tracing/events/sched/ (or do you have that directory at all?)

gustavo-iniguez-goya commented 3 years ago

Probably he didn't have debugfs mounted/enabled. Now with latest packages we fallback to parsing proc.