From 01cd1cf66d3ff74c2c522a0f6c900cf16c9ec7b6 Mon Sep 17 00:00:00 2001 From: Iori Yoneji Date: Tue, 29 Jan 2019 15:55:34 +0900 Subject: [PATCH 1/4] wrap sudo invocation with runasroot --- bin/create-java-perf-map.sh | 8 +++++--- bin/perf-java-flames | 3 ++- bin/perf-java-record-stack | 3 ++- bin/perf-java-report-stack | 3 ++- bin/sudo-wrap.sh | 9 +++++++++ 5 files changed, 20 insertions(+), 6 deletions(-) create mode 100755 bin/sudo-wrap.sh diff --git a/bin/create-java-perf-map.sh b/bin/create-java-perf-map.sh index f5806b6..ea0fe38 100755 --- a/bin/create-java-perf-map.sh +++ b/bin/create-java-perf-map.sh @@ -2,6 +2,8 @@ set -e #set -x +source $(dirname $0)/sudo-wrap.sh + CUR_DIR=`pwd` PID=$1 OPTIONS=$2 @@ -37,9 +39,9 @@ fi if [[ "$LINUX" == "1" ]]; then - sudo rm $PERF_MAP_FILE -f - (cd $PERF_MAP_DIR/out && sudo -u \#$TARGET_UID -g \#$TARGET_GID $JAVA_HOME/bin/java -cp $ATTACH_JAR_PATH:$JAVA_HOME/lib/tools.jar net.virtualvoid.perf.AttachOnce $PID "$OPTIONS") - sudo chown root:root $PERF_MAP_FILE + runasroot rm $PERF_MAP_FILE -f + (cd $PERF_MAP_DIR/out && runasroot -u \#$TARGET_UID -g \#$TARGET_GID $JAVA_HOME/bin/java -cp $ATTACH_JAR_PATH:$JAVA_HOME/lib/tools.jar net.virtualvoid.perf.AttachOnce $PID "$OPTIONS") + runasroot chown root:root $PERF_MAP_FILE else rm -f $PERF_MAP_FILE (cd $PERF_MAP_DIR/out && $JAVA_HOME/bin/java -cp $ATTACH_JAR_PATH:$JAVA_HOME/lib/tools.jar net.virtualvoid.perf.AttachOnce $PID "$OPTIONS") diff --git a/bin/perf-java-flames b/bin/perf-java-flames index 874631b..432f191 100755 --- a/bin/perf-java-flames +++ b/bin/perf-java-flames @@ -1,6 +1,7 @@ #!/bin/sh set -e #set -x +source $(dirname $0)/sudo-wrap.sh PID=$1 @@ -30,6 +31,6 @@ if [ -z "$PERF_FLAME_OPTS" ]; then fi $PERF_MAP_DIR/bin/perf-java-record-stack $* -sudo perf script -i $PERF_DATA_FILE > $STACKS +runasroot perf script -i $PERF_DATA_FILE > $STACKS $FLAMEGRAPH_DIR/stackcollapse-perf.pl $PERF_COLLAPSE_OPTS $STACKS | tee $COLLAPSED | $FLAMEGRAPH_DIR/flamegraph.pl $PERF_FLAME_OPTS > $PERF_FLAME_OUTPUT echo "Flame graph SVG written to PERF_FLAME_OUTPUT='`readlink -f $PERF_FLAME_OUTPUT`'." diff --git a/bin/perf-java-record-stack b/bin/perf-java-record-stack index 1f2a4a4..e79b886 100755 --- a/bin/perf-java-record-stack +++ b/bin/perf-java-record-stack @@ -1,6 +1,7 @@ #!/bin/bash set -e #set -x +source $(dirname $0)/sudo-wrap.sh PERF_MAP_DIR=$(dirname $(readlink -f $0))/.. PID=$1 @@ -22,5 +23,5 @@ if [ -z "$PERF_DATA_FILE" ]; then fi echo "Recording events for $PERF_RECORD_SECONDS seconds (adapt by setting PERF_RECORD_SECONDS)" -sudo perf record -F $PERF_RECORD_FREQ -o $PERF_DATA_FILE -g -p $* -- sleep $PERF_RECORD_SECONDS +runasroot perf record -F $PERF_RECORD_FREQ -o $PERF_DATA_FILE -g -p $* -- sleep $PERF_RECORD_SECONDS $PERF_MAP_DIR/bin/create-java-perf-map.sh $PID "$PERF_MAP_OPTIONS" diff --git a/bin/perf-java-report-stack b/bin/perf-java-report-stack index 276b803..f4637ff 100755 --- a/bin/perf-java-report-stack +++ b/bin/perf-java-report-stack @@ -1,6 +1,7 @@ #!/bin/bash set -e #set -x +source $(dirname $0)/sudo-wrap.sh PID=$1 PERF_MAP_DIR=$(dirname $(readlink -f $0))/.. @@ -14,4 +15,4 @@ if [ -z "$PERF_DATA_FILE" ]; then fi $PERF_MAP_DIR/bin/perf-java-record-stack $* -sudo perf report -i $PERF_DATA_FILE +runasroot perf report -i $PERF_DATA_FILE diff --git a/bin/sudo-wrap.sh b/bin/sudo-wrap.sh new file mode 100755 index 0000000..5375f74 --- /dev/null +++ b/bin/sudo-wrap.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +function runasroot() { + if [[ "$EUID" -ne 0 ]]; then + sudo $@ + else + $@ + fi +} From f7e7564d3d1059dcafd9e8ea9f8ff27369f92e73 Mon Sep 17 00:00:00 2001 From: Iori Yoneji Date: Tue, 29 Jan 2019 16:33:17 +0900 Subject: [PATCH 2/4] check sudo command existence --- bin/sudo-wrap.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/bin/sudo-wrap.sh b/bin/sudo-wrap.sh index 5375f74..8094ede 100755 --- a/bin/sudo-wrap.sh +++ b/bin/sudo-wrap.sh @@ -2,7 +2,13 @@ function runasroot() { if [[ "$EUID" -ne 0 ]]; then - sudo $@ + command -v sudo + if [[ $? -eq 0 ]]; then + sudo $@ + else + echo "sudo is missing" + exit 1 + fi else $@ fi From 5514e3777dc36402b88eaffa829cc126612544fd Mon Sep 17 00:00:00 2001 From: Iori Yoneji Date: Thu, 31 Jan 2019 21:42:12 +0900 Subject: [PATCH 3/4] add -u option workaround --- bin/sudo-wrap.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/bin/sudo-wrap.sh b/bin/sudo-wrap.sh index 8094ede..8eec88b 100755 --- a/bin/sudo-wrap.sh +++ b/bin/sudo-wrap.sh @@ -1,7 +1,12 @@ #!/bin/bash function runasroot() { - if [[ "$EUID" -ne 0 ]]; then + WANT_UID=0 + if [[ "$1" == "-u" ]]; then + WANT_UID=$2 + fi + + if [[ "$EUID" -ne "${WANT_UID}" ]]; then command -v sudo if [[ $? -eq 0 ]]; then sudo $@ From 36e92a5d5c62d0bd38740bb10cb4314a191c5628 Mon Sep 17 00:00:00 2001 From: Iori Yoneji Date: Fri, 1 Feb 2019 12:35:44 +0900 Subject: [PATCH 4/4] fix sudo-wrap --- bin/sudo-wrap.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/bin/sudo-wrap.sh b/bin/sudo-wrap.sh index 8eec88b..5938f4f 100755 --- a/bin/sudo-wrap.sh +++ b/bin/sudo-wrap.sh @@ -4,12 +4,18 @@ function runasroot() { WANT_UID=0 if [[ "$1" == "-u" ]]; then WANT_UID=$2 + shift 2 fi - if [[ "$EUID" -ne "${WANT_UID}" ]]; then + if [[ "$1" == "-g" ]]; then + WANT_GID=$2 + shift 2 + fi + + if [[ "\#$EUID" == "${WANT_UID}" || "\#$EGID" == "${WANT_GID}" ]]; then command -v sudo if [[ $? -eq 0 ]]; then - sudo $@ + sudo -u ${WANT_UID} -g ${WANT_GID} $@ else echo "sudo is missing" exit 1