I’m in the process of updating my parca-agent snap. Parca Agent is an eBPF based profiling tool, and they recently landed a change that performs some checks on startup to try and ensure the host kernel was compiled with the correct kernel options that enable the eBPF features they depend on.
They detect this by trying to read the kernel config from three locations:
/proc/config.gz
/boot/config
/boot/config-$(uname -r)
I’d like to propose the addition of a new interface in snapd, perhaps named kernel-config that grants read-only access to these paths.
I can potentially have a go at a PR to implement this based on some of the existing interfaces if that’s helpful (I’m unfamiliar with the codebase, but willing ;-)).
Not sure on the usual process for adding interfaces to snapd itself, and haven’t found any docs on the process.
I think this is a good interface to include - another location for the config to be found, that is not already accounted for above, is /lib/modules/$(uname -r)/build/.config
Nice catch, we should definitely grab all the paths that represent this information
I mean selfishly I like this option because I don’t have to change the snap, and it certainly fits with the name. It’s likely that anyone who needs to read the kernel config is likely to subsequently need system-observe anyway one could argue…
I’ve started a trivial PR, which I fully expect will need some changes, but if we are to go with system-observe, it doesn’t look like it’ll be a big change (assuming I’ve understood the code correctly…)
