# dtrace in jail



## byrnejb (Jul 23, 2020)

How must a jail be configured to use dtrace?  When I try to list the probes I get a no device error:


```
[root@smb4-2 ~ (master)]# kldstat | grep dtrace
26    1 0xffffffff82ec1000      2ea dtraceall.ko
27    9 0xffffffff82ec2000    3cee0 dtrace.ko

[root@smb4-2 ~ (master)]# dtrace -l | more
dtrace: failed to initialize dtrace: DTrace device not available on system
```


----------



## 0mp (Jun 24, 2022)

I used dwatch(1) to observe what files `dtrace` tried to open within the jail.

On the host:


```
dwatch -j myjail -X open
```

Within the jail:


```
dtrace -l
```

The output I got from `dwatch` was along the lines of:


```
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/dtrace
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/profile
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/syscall
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/syscall
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/pf
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/vmm
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/iwlwifi
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/linuxulator32
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/linuxulator
2022 Jun 24 12:43:39 0.0 dtrace[51290]: /dev/dtrace/ice_fwlog
```

So I decided to unhide `dtrace*` devices by issuing the following commands from the host:


```
devfs -m /jails/myjail/dev rule apply path dtrace* unhide
devfs -m /jails/myjail/dev rule apply path dtrace/* unhide
```

As a result, commands like `dtrace -n 'pid$target:::' -c 'true'` started to work in the jail.


----------



## SirDice (Jun 24, 2022)

Don't really know where to put this, so "Emulation and virtualization" for now (it's about jails). Might move it later to "Userland and Scripting" or "FreeBSD Development" depending on how the thread progresses.


----------



## Ole (Jun 24, 2022)

Also for some probes  you will need to copy `/boot/kernel` into jail (or mount `/boot/kernel` directory from host to jail via `nullfs`). It contains CTF data/info which  DTRACE can use.


----------



## 0mp (Jun 28, 2022)

Thanks, Ole! 

I added the following nullfs(5) mount to my jail's fstab (i.e., the fstab(5) file pointed to by the `mount.fstab` jail(8) variable):


```
/boot/kernel /jails/myjail/boot/kernel    nullfs  ro      0       0
```

As a result, commands like `dwatch -X open` work without an issue within the jail.


----------

