Rafael David Tinoco
Rafael David Tinoco
AND, ok @yanivagman I'm good if we're able to split CORE and non CO-RE code and make it better to read, maintain and... more elegant for general readers as well...
@06kellyjac Im facing way more problems than just this one. Integration tests seem to fail (many of them) currently (when attempted your reproducer). I'll ask you to provide a PR...
> I just realized the container probably needs `--pid=host --cgroupns=host --privileged` (or at least `--privileged`) so I'm trying that now 🤦 Oh right =D haha, I didn't think of it...
Just for context in here. We are currently testing/supporting: Upstream:  And: Focal (Ubuntu 5.4) Focal HWE (Ubuntu 5.13) Jammy (Ubuntu 5.15) Fedora 34 (Fedora 5.11) Fedora 35 (Fedora 5.14)...
@NDStrahilevitz this is one issue you should keep track of (for the major 'filtering improvement' effort you're handling).
After fixing small compilation issue caused by recent changes, This is the current status for this issue: ### **hooked_proc_fops** (**OKAY**, needs real test) ``` [ubuntu@ip-172-31-29-29 ~/tracee]$ sudo ./dist/tracee-ebpf -t e=hooked_proc_fops...
The following error (in ARM64): ``` $ sudo ./dist/tracee-ebpf -t e=hooked_syscalls TIME UID COMM PID TID RET EVENT ARGS failed to apply invoke context on print_syscall_table event: no event context...
Tracking the ARM64 uprobe argument issue at: https://github.com/aquasecurity/tracee/issues/2124
> I didn't review the code, but to refer to parts of the comment by @NDStrahilevitz, I think that: > > 1. Logger should be in its own package (which...
I believe this is currently being worked by @geyslan now, for 0.9.0, right @AlonZivony ? IF that is so, mind if we close this one ?