Skip to content

doc: document why Tetragon will fail to load its BPF programs with operation not permitted #2265

New issue
New issue
Open
Open
doc: document why Tetragon will fail to load its BPF programs with operation not permitted#2265
Labels
area/documentationImprovements or additions to documentationgood first issueGood for newcomers
@tixxdz

Description

@tixxdz
tixxdz
opened on Mar 28, 2024

We should add in our https://tetragon.io/docs/faq/ some documentation why Tetragon will fail with operation not permitted when loading BPF programs on some machines.

Users have been reporting this #2263 and it is due to lockdown in confidentiality mode, or could be to some other LSM context.

The PR #2149 prints the security context of Tetragon at startup, so having an example of output in the FAQ will help.

We can use @kkourt text:
"lockdown mode seems to be set to 'confidentiality', which does not allow Tetragon to operate because it prohibits loading BPF programs. See iovisor/bcc#2565 for more details".

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/documentationImprovements or additions to documentationgood first issueGood for newcomers

    Type

    No type

    Projects

    Good First Issues

    Status

    No status

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions