#! /bin/sh
run(){
echo "== $1 =="
sh -c "$@" || true
}
PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin
export PATH
exec 2>&1
if [ "`id -u`" -ne 0 ]; then
echo
echo WARNING: rerun $0 as root for fuller results.
echo
fi
nss_db_status () {
db_path="$1"
if [ ! -e "$db_path" ]; then
echo "NSS database path '$db_path' does not exist"
return
fi
run "ls '$db_path'"
dbm_files_found=0
sql_files_found=0
secmod_found=0
key3_found=0
cert8_found=0
pkcs11_found=0
key4_found=0
cert9_found=0
if [ -e "$db_path/secmod.db" ]; then
dbm_files_found=$((dbm_files_found + 1))
secmod_found=1
fi
if [ -e "$db_path/key3.db" ]; then
dbm_files_found=$((dbm_files_found + 1))
key3_found=1
fi
if [ -e "$db_path/cert8.db" ]; then
dbm_files_found=$((dbm_files_found + 1))
cert8_found=1
fi
if [ -e "$db_path/pkcs11.txt" ]; then
sql_files_found=$((sql_files_found + 1))
pkcs11_found=1
fi
if [ -e "$db_path/key4.db" ]; then
sql_files_found=$((sql_files_found + 1))
key4_found=1
fi
if [ -e "$db_path/cert9.db" ]; then
sql_files_found=$((sql_files_found + 1))
cert9_found=1
fi
if [ $dbm_files_found = 0 -a $sql_files_found = 0 ]; then
echo "No NSS database found at '$db_path'"
else
if [ $dbm_files_found = 3 ]; then
echo "dbm format NSS database found at '$db_path'"
elif [ $dbm_files_found != 0 ]; then
[ $secmod_found = 0 ] && echo "secmod.db is missing from dbm format NSS database at '$db_path'"
[ $key3_found = 0 ] && echo "key3.db is missing from dbm format NSS database at '$db_path'"
[ $cert8_found = 0 ] && echo "cert8.db is missing from dbm format NSS database at '$db_path'"
fi
if [ $sql_files_found = 3 ]; then
echo "sql format NSS database found at '$db_path'"
elif [ $sql_files_found != 0 ]; then
[ $pkcs11_found = 0 ] && echo "pkcs11.txt is missing from sql format NSS database at '$db_path'"
[ $key4_found = 0 ] && echo "key4.db is missing from sql format NSS database at '$db_path'"
[ $cert9_found = 0 ] && echo "cert9.db is missing from sql format NSS database at '$db_path'"
fi
fi
}
run "id"
run "stap -V"
run "which stap"
run "cat $HOME/.systemtap/rc"
run "which stap-server"
run "locate --regex '/stap(run|io|dyn)?$' | xargs ls -ald"
run "printenv | egrep '^PATH=|^LD_LIBRARY_PATH=|^SYSTEMTAP_.*=|^XDG_DATA.*=|^NSS.*='"
run "stap -vv --vp 0002 --poison-cache -p4 -e 'probe begin {exit()}'"
run "gcc -v"
run "uname -a"
run "dmesg | fgrep 'Linux version'"
run "dmesg | egrep 'stap|systemtap' | tail -n 10"
run "hostname"
run "nslookup `hostname`"
run "cat /etc/hosts"
run "cat /var/log/stap-server/log"
run "cat /proc/cpuinfo | egrep 'processor|vendor_id|model name'"
if [ -x /usr/bin/dpkg ]; then
# debian/ubuntu
run "dpkg --list | egrep 'systemtap|elfutils|kernel|linux|gcc|dyninst|avahi|nss|nspr|dejagnu|libdw' | awk '{print \$2,\$3}' | sort"
elif [ -x /usr/bin/rpm -o -x /bin/rpm ]; then
# fedora/rhel/suse/...
run "rpm -qa --qf '%{name}-%{version} %{release}.%{arch}\\t%{buildtime:date}@%{buildhost}\\n' | egrep 'systemtap|elfutils|kernel|gcc|dyninst|avahi|nss|nspr|dejagnu|libdw' | sort"
elif [ -f /var/log/packages ]; then
# slackware
run "cat /var/log/packages | egrep 'systemtap|elfutils|kernel|gcc|dyninst|avahi|nss|nspr|dejagnu' | sort -k9"
fi
run "egrep 'PROBE|RANDOMIZE|RELOC|TRACE|MARKER|KALLSYM|_DEBUG_|LOCKDEP|LOCKING|MODULE|FENTRY|_SIG|BPF' /lib/modules/`uname -r`/build/.config | grep -v not.set | sort | fmt -w 80"
run "find /debugfs /proc /sys /dev /sys/kernel/debug -type f -path '*kprobe*' -o -path '*yama*' 2>/dev/null | xargs grep -H ."
run "lsmod"
run "avahi-browse -r -t _stap._tcp"
run "ifconfig -a"
run "ps awux | grep stap"
for dir in /boot /usr/lib/debug/lib/modules/`uname -r` /lib/modules/`uname -r`/build
do
for file in $dir/vmlinuz-`uname -r` $dir/vmlinuz $dir/vmlinux-`uname -r` $dir/vmlinux `locate -r '/vmlinu[xz]' 2>/dev/null`
do
if [ -f $file ]; then
if grep -q ELF $file; then
echo $file
run "(eu-readelf -n $file 2>/dev/null || readelf -n $file 2>/dev/null) | grep Build"
fi
fi
done
done
locate vmlinux.id 2>/dev/null | while read file
do
run "cat $file"
done
run "hexdump -C /sys/kernel/notes"
for file in /sys/module/*/notes/.*build*
do
run "hexdump -C $file"
done
if [ -x /usr/bin/seinfo ]; then
run "seinfo"
fi
if [ -x /usr/sbin/getenforce ]; then
run "getenforce"
fi
if [ -x /usr/sbin/aa-status ]; then
run "aa-status"
fi
echo == NSS ==
if [ -n "$SYSTEMTAP_DIR" ]; then
nss_db_status "$SYSTEMTAP_DIR/ssl/client"
nss_db_status "$SYSTEMTAP_DIR/ssl/server"
fi
nss_db_status ~/.systemtap/ssl/client
nss_db_status ~/.systemtap/ssl/server
nss_db_status /etc/systemtap/ssl/server
nss_db_status /etc/systemtap/staprun