
TraceFS on NixOS #388743

@JohnRTitor


tracefs is a special-purpose filesystem in Linux used for tracing filesystem and kernel operations.

This was added to the kernel back in 2015 to replace debugfs. For security reasons, some systems do not mount debugfs at all. Tracefs reduces the attack surface by allowing tracing without mounting debugfs. Additionally, it provides features not supported by debugfs (such as calls for mkdir and rmdir). [1]

On NixOS, we currently mount debugfs by default.

Distro support

Debian and Arch Linux both enable this by default.
RHEL 8 and later enable tracefs by default. [2]

Sample config

Tracefs can be enabled as easily as:

  fileSystems."/sys/kernel/tracing" = {
    device = "tracefs";
    fsType = "tracefs";
  };

Footnotes

  1. https://lkml.iu.edu/hypermail/linux/kernel/1501.2/03623.html

  2. https://access.redhat.com/solutions/5914171
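
The following check is an added example, not part of the original issue or of NixOS: it reads a mount table in `/proc/mounts` format and reports whether tracing is exposed through tracefs alone or whether debugfs is still mounted. The function name `audit_tracing_mounts` and the sample mount lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a mount table by which tracing filesystems it exposes.
# Input: a file in /proc/mounts format
#        (device mountpoint fstype options dump pass), or "-" for stdin.
# Prints one of: tracefs-only, debugfs-and-tracefs, debugfs-only, none.
audit_tracing_mounts() {
    mounts_file="${1:-/proc/mounts}"
    awk '
        # Any debugfs mount keeps the larger debugfs interface reachable.
        $3 == "debugfs" { debugfs = 1 }
        # tracefs at its own mount point, independent of debugfs.
        $3 == "tracefs" && $2 == "/sys/kernel/tracing" { tracefs = 1 }
        END {
            if (debugfs && tracefs) print "debugfs-and-tracefs"
            else if (debugfs)       print "debugfs-only"
            else if (tracefs)       print "tracefs-only"
            else                    print "none"
        }
    ' "$mounts_file"
}

# Constructed sample: a host that mounts both filesystems.
audit_tracing_mounts - <<'EOF'
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
debugfs /sys/kernel/debug debugfs rw,nosuid,nodev,noexec,relatime 0 0
tracefs /sys/kernel/tracing tracefs rw,nosuid,nodev,noexec,relatime 0 0
EOF
```

Run `audit_tracing_mounts` with no argument on a live system to check `/proc/mounts`; `tracefs-only` is the state the issue argues for.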
