[Gllug] [OT] Linux question - core dumps

[Simon Pither]

On Sat, 15 Feb 2003 23:48:56 +0000
rich at annexia.org wrote:
> I have a server which is running as 'nobody' (actually it starts running
> as root and setuid/setgids to this user). It is running in a directory
> called /tmp/cores/ which is 0755, chowned to nobody.nogroup. I've also
> called 'ulimit -c unlimited'. Despite this, the server refuses to dump
> core if it crashes. This is really annoying because it makes it very
> hard to debug the server (it crashes about once every 5 days).
> 
> Any ideas how to force it to dump core???

I beleive this is a kernel restriction.  Any process that has setuid/setgid is restricted from dumping core.  This is intended to be a security restriction.

Here's a (rather old) post that mentions one of the possible security problems allowing this could create:

http://lists.insecure.org/lists/bugtraq/1997/Feb/0077.html

If you really must get at these cores, I've seen patches to the 2.4 kernel series before, although I don't seem to be able to find any with a quick search now.

The other possibility is to start it as nobody.nogroup to avoid the change, then cores will still be anabled.

Simon

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug