11

When trying to use the perf command, I get the following error message:

Access to performance monitoring and observability operations is limited.
Consider adjusting /proc/sys/kernel/perf_event_paranoid setting to open
access to performance monitoring and observability operations for processes
without CAP_PERFMON, CAP_SYS_PTRACE or CAP_SYS_ADMIN Linux capability.
More information can be found at 'Perf events and tool security' document:
https://www.kernel.org/doc/html/latest/admin-guide/perf-security.html
perf_event_paranoid setting is 4:
  -1: Allow use of (almost) all events by all users
      Ignore mlock limit after perf_event_mlock_kb without CAP_IPC_LOCK
>= 0: Disallow raw and ftrace function tracepoint access
>= 1: Disallow CPU event access
>= 2: Disallow kernel profiling
To make the adjusted perf_event_paranoid setting permanent preserve it
in /etc/sysctl.conf (e.g. kernel.perf_event_paranoid = <setting>)

But I am unable to change the file. I tried this advice, but it does not work. Are there any other ways to change it?

I am using Ubuntu 22.04.2 LTS

Kevin Bowen
  • 20,055
  • 57
  • 82
  • 84
Simplicissimus
  • 341
  • 1
  • 2
  • 11

1 Answers1

12

The settings can be changed using the sysctl command, even without rebooting:

sudo sysctl kernel.perf_event_paranoid=<parameter>

<parameter> can be resumed as

perf_event_paranoid:

Controls use of the performance events system by unprivileged users (without CAP_SYS_ADMIN). The default value is 2.

-1: Allow use of (almost) all events by all users Ignore mlock limit after perf_event_mlock_kb without CAP_IPC_LOCK

&gt;=0: Disallow ftrace function tracepoint by users without CAP_SYS_ADMIN Disallow raw tracepoint access by users without CAP_SYS_ADMIN

&gt;=1: Disallow CPU event access by users without CAP_SYS_ADMIN

&gt;=2: Disallow kernel profiling by users without CAP_SYS_ADMIN

from the kernel docs

Simplicissimus
  • 341
  • 1
  • 2
  • 11