diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2014-05-04 03:53:39 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2014-05-04 03:53:39 +0000 |
commit | e75387b5443d933b7afda70735259944f64e39d2 (patch) | |
tree | 0c6b680083886ff3f4f14bca34b69526bfd71b28 /sbin/sysctl | |
parent | 078ffdecc4d697879a48c141229ab44dcb1af514 (diff) |
When kern.nosuidcoredump=3, act like =2 but try to dump cores into
the /var/crash/programname/ directory, as root. For instance,
# mkdir /var/crash/bgpd/
# chmod 700 /var/crash/bgpd/ # If you skip this step, you are a moron
# sysctl kern.nosuidcoredump=3
# bgpd
# pkill -ABRT bgpd
# ls /var/crash/bgpd/
14764.core 23207.core 6423.core
Of course, in real life the idea is that you don't kill the daemon but it
crashes and you collect parallel cores. Careful you don't fill your /var.
Further tuneables are being considered.
Sorry to be picking on bgpd for this example. I've watched the "too
difficult to debug privsep code" angst for far too long.
ok guenther
Diffstat (limited to 'sbin/sysctl')
-rw-r--r-- | sbin/sysctl/sysctl.8 | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/sbin/sysctl/sysctl.8 b/sbin/sysctl/sysctl.8 index e0b02563bc7..dac573f121d 100644 --- a/sbin/sysctl/sysctl.8 +++ b/sbin/sysctl/sysctl.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sysctl.8,v 1.177 2014/04/27 16:56:51 jmc Exp $ +.\" $OpenBSD: sysctl.8,v 1.178 2014/05/04 03:53:37 deraadt Exp $ .\" $NetBSD: sysctl.8,v 1.4 1995/09/30 07:12:49 thorpej Exp $ .\" .\" Copyright (c) 1993 @@ -30,7 +30,7 @@ .\" .\" @(#)sysctl.8 8.2 (Berkeley) 5/9/95 .\" -.Dd $Mdocdate: April 27 2014 $ +.Dd $Mdocdate: May 4 2014 $ .Dt SYSCTL 8 .Os .Sh NAME @@ -521,6 +521,18 @@ the maximum number of shared memory segments: # sysctl kern.shminfo.shmmax=33554432 # sysctl kern.shminfo.shmseg=32 .Ed +.Pp +To place core dumps from +.Xr issetugid 2 +programs (in this example +.Xr bgpd 8 ) +into a safe place for debugging purposes +.Bd -literal -offset indent +# mkdir /var/crash/bgpd +# chmod 700 /var/crash/bgpd +# sysctl kern.nosuidcoredump=3 +.Ed +.Pp .Sh SEE ALSO .Xr sysctl 3 , .Xr options 4 , |