NAME
stap-authorize-signing-cert - systemtap signing authorization utility
SYNOPSIS
stap-authorize-signing-cert CERTFILE [ DIRNAME ]
DESCRIPTION
The staprun program will load modules for members of the group stapusr
if they are signed by a trusted signer. A trusted signer is usually a
systemtap compile server which signs modules when the client
(stap-client) specifies the --unprivileged option.
The trustworthiness of a given signer can not be determined
automatically without a trusted certificate authority issuing systemtap
signing certificates. This is not practical in everyday use and so,
staprun must authenticate servers against its own database of trusted
signers. In this context, establishing a given signer as trusted means
adding that signer's certificate to staprun's database of trusted
signers.
The stap-authorize-signing-cert program adds the given signing
certificate to the given certificate database, making that signer a
trusted server for staprun when using that database.
ARGUMENTS
The stap-authorize-signing-cert program accepts two arguments:
CERTFILE
This is the name of the file containing the certificate of the
new trusted signer. For systemtap compile servers, this is the
file named stap.cert which can be found in the server's
certificate database. On the server host, for servers started
by the stap-server service, this database can be found in
/var/lib/stap-server/.systemtap/ssl/server/. For servers run by
other non-root users, this database can be found in
$HOME/.systemtap/ssl/server/. For root users (EUID=0), it can
be found in /etc/systemtap/ssl/server.
DIRNAME
This optional argument is the name of the directory containing
the certificate database to which the certificate is to be
added. If not specified, the default is /etc/systemtap/staprun/.
That is, the default result is that all users on the local host
will trust this signer. Note that this default directory is only
writable by root.
SAFETY AND SECURITY
Systemtap is an administrative tool. It exposes kernel internal data
structures and potentially private user information. See the stap(1)
manual page for additional information on safety and security.
Systemtap uses Network Security Services (NSS) for module signing and
verification. The NSS tool certutil is used for the generation of
certificates. The related certificate databases must be protected in
order to maintain the security of the system. Use of the utilities
provided will help to ensure that the proper protection is maintained.
staprun will check for proper access permissions before making use of
any certificate database.
FILES
/etc/systemtap/staprun/
staprun's trusted signer certificate database.
/var/lib/stap-server/.systemtap/ssl/server/stap.cert
Signing certificate for servers started by the stap-server
service.
SEE ALSO
stap(1), staprun(8), stap-server(8), stap-client(8), NSS, certutil
BUGS
Use the Bugzilla link of the project web page or our mailing list.
http://sources.redhat.com/systemtap/, <systemtap@sources.redhat.com>.