-
Alban Crequy authored
To get the cgroup id, you can use the following program to call name_to_handle_at(), borrowed from linux/tools/testing/selftests/bpf/cgroup_helpers.c: ``` wget https://gist.githubusercontent.com/alban/4a9aea9636d9fdf11709eddd21df4cc4/raw/f4fc915483a069d6044957e27df091923f95c48b/getcgroupid.c gcc -Wall -o getcgroupid getcgroupid.c ./getcgroupid /sys/fs/cgroup/unified/ 0x100000001 4294967297 ``` To test it, I run the tracer in one terminal: ``` ./build.sh sudo ./build-release/src/bpftrace -e 'tracepoint:syscalls:sys_enter_openat /cgroup == 0x100000001/ { printf("%s\n", str(args->filename)); }' ``` And some tests in another terminal: ``` sudo -s echo $$ > /sys/fs/cgroup/unified/cgroup.procs cat /dev/null ``` And observe the output of the tracer: ``` Attaching 1 probe... /etc/ld.so.cache /lib64/libc.so.6 /usr/lib/locale/locale-archive /dev/null ^C ```
22110ad2