User Tools

Site Tools



This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
systemd-coredump [2018/11/16 11:33]
rpjday [Coredump configuration]
systemd-coredump [2018/11/16 11:49]
rpjday [Piping to a program]
Line 33: Line 33:
 </​code>​ </​code>​
-===== core dump variables ​=====+===== Configuring the core dump ===== 
 +==== core dump variables ​====
 <​code>​ <​code>​
Line 52: Line 54:
 </​code>​ </​code>​
 +===== Piping to a program =====
 +==== Rules ====
 +  * The program must be specified using an absolute pathname (or a pathname relative to the root directory, /), and must immediately follow the '​|'​ character.
 +  * The command-line arguments can include any of the % specifiers listed above. For example, to pass the PID of the process that is being dumped, specify %p in an argument.
 +  * The process created to run the program runs as user and group root.
 +  * Running as root does not confer any exceptional security bypasses. ​  ​Namely,​ LSMs  (e.g., ​ SELinux) ​ are  still  active ​ and may prevent the handler from accessing details about the crashed process via /​proc/​[pid].
 +  * The program pathname is interpreted with respect to the initial mount namespace ​ as  it  is  always executed there. ​ It is not affected by the settings (e.g., root directory, mount namespace, current working ​ directory) ​ of the crashing process.
 +  * The process runs in the initial namespaces (PID, mount, user, and so on) and not in the namespaces of the crashing process. ​ One can  utilize ​ specifiers such  as  %P  to  find  the  right /proc/[pid] directory and probe/enter the crashing process'​s namespaces if needed.
 +  * The process starts with its current working directory as the root directory. If  desired, ​ it  is possible change to the working directory of the dumping process by employing the value provided by the %P specifier to change to the location of the dumping process via /​proc/​[pid]/​cwd.
 +  * Command-line ​ arguments can be supplied to the program (since Linux 2.6.24), delimited by white space (up to a total line length of 128 bytes).
 +  * The RLIMIT_CORE limit is not enforced for core dumps that are piped to a program via this mechanism.
systemd-coredump.txt · Last modified: 2018/11/16 11:50 by rpjday