Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

doc: document why Tetragon will fail to load its BPF programs with operation not permitted #2265

Open
tixxdz opened this issue Mar 28, 2024 · 0 comments
Open

doc: document why Tetragon will fail to load its BPF programs with operation not permitted #2265

tixxdz opened this issue Mar 28, 2024 · 0 comments
Labels
area/documentation Improvements or additions to documentation good first issue Good for newcomers

Comments

@tixxdz
Copy link
Member

tixxdz commented Mar 28, 2024

We should add in our https://tetragon.io/docs/faq/ some documentation why Tetragon will fail with operation not permitted when loading BPF programs on some machines.

Users have been reporting this #2263 and it is due to lockdown in confidentiality mode, or could be to some other LSM context.

The PR #2149 prints the security context of Tetragon at startup, so having an example of output in the FAQ will help.

We can use @kkourt text:
"lockdown mode seems to be set to 'confidentiality', which does not allow Tetragon to operate because it prohibits loading BPF programs. See iovisor/bcc#2565 for more details".
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/documentation Improvements or additions to documentation good first issue Good for newcomers
Projects
Good First Issues
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tixxdz