[ https://issues.apache.org/jira/browse/DISPATCH-130?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alan Conway updated DISPATCH-130: --------------------------------- Attachment: qdrouterd The problem is that if you start qdrouterd as root and it changes it own uid via the --user option, the kernel still considers it a privileged process and will not allow it to dump core without special shenaniagans. This is because it *could* have gotten sensitive information into memory while it was a root process so a core file might be a security risk. The solution is to start as a non-root user and not use the --user option. Attached is an example SYSV init script that does so, it was tested on RHEL6 but something very like it should work on any SYSV-based system. No systemd script available but the same logic would apply. > qdrouterd with --daemon and --user options does not dump core. > -------------------------------------------------------------- > > Key: DISPATCH-130 > URL: https://issues.apache.org/jira/browse/DISPATCH-130 > Project: Qpid Dispatch > Issue Type: Bug > Components: Container > Affects Versions: 0.3 > Reporter: Alan Conway > Assignee: Alan Conway > Fix For: 0.4 > > Attachments: qdrouterd > > > If qdroutered is started with --daemon and --user options, and then is killed > with SIGABRT or crashes, it does not produce a core file. Note both --daemon > and --user are reqiured to produce the problem, either alone does not. Tested > on RHEL6 and Fedora 21 as follows: > Send core files in /tmp, since --daemon will set current directory to / > {noformat} > # echo /tmp/core.%e.%p > /proc/sys/kernel/core_pattern > {noformat} > Verify we do get a core file with just --daemon > {noformat} > # qdrouterd --daemon > # pkill -e -6 qdrouterd > qdrouterd killed (pid 11482) > # ls /tmp/core* > /tmp/core.qdrouterd.11482 > {noformat} > Now add --user > {noformat} > # rm /tmp/core* > # qdrouterd --daemon --user aconway > # pkill -e -6 qdrouterd > qdrouterd killed (pid 11432) > # ls /tmp/core* > ls: cannot access /tmp/core*: No such file or directory > {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org