[ 
https://issues.apache.org/jira/browse/DISPATCH-130?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Alan Conway updated DISPATCH-130:
---------------------------------
    Attachment: qdrouterd

The problem is that if you start qdrouterd as root and it changes its own uid 
via the --user option, the kernel still considers it a privileged process and 
will not allow it to dump core without special shenanigans. This is because it 
*could* have gotten sensitive information into memory while it was a root 
process so a core file might be a security risk.

The solution is to start as a non-root user and not use the --user option.
Attached is an example SYSV init script that does so; it was tested on RHEL6 
but something very like it should work on any SYSV-based system. No systemd 
script available but the same logic would apply.

> qdrouterd with --daemon and --user options does not dump core.
> --------------------------------------------------------------
>
>                 Key: DISPATCH-130
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-130
>             Project: Qpid Dispatch
>          Issue Type: Bug
>          Components: Container
>    Affects Versions: 0.3
>            Reporter: Alan Conway
>            Assignee: Alan Conway
>             Fix For: 0.4
>
>         Attachments: qdrouterd
>
>
> If qdrouterd is started with --daemon and --user options, and then is killed 
> with SIGABRT or crashes, it does not produce a core file. Note both --daemon 
> and --user are required to produce the problem; either alone does not. Tested 
> on RHEL6 and Fedora 21 as follows:
> Send core files in /tmp, since --daemon will set current directory to /
> {noformat}
> # echo /tmp/core.%e.%p > /proc/sys/kernel/core_pattern
> {noformat}
> Verify we do get a core file with just --daemon
> {noformat}
> # qdrouterd --daemon
> # pkill -e -6 qdrouterd
> qdrouterd killed (pid 11482)
> # ls /tmp/core*
> /tmp/core.qdrouterd.11482
> {noformat}
> Now add --user 
> {noformat}
> # rm /tmp/core*
> # qdrouterd --daemon --user aconway
> # pkill -e -6 qdrouterd
> qdrouterd killed (pid 11432)
> # ls /tmp/core*
> ls: cannot access /tmp/core*: No such file or directory
> {noformat}
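
The kernel behaviour described in the comment above, as an added example that is not part of the original message or the qdrouterd sources: Linux keeps a per-process "dumpable" flag and resets it to the value of `fs.suid_dumpable` (0 by default) when the effective uid changes. The helper name `dumpable_across_setuid` is hypothetical; the program reads the flag with `prctl(PR_GET_DUMPABLE)` before and after `setuid()` in a forked child.

```c
/* Added example: observe the "dumpable" flag across a uid change (Linux). */
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fork a child, switch it to `target` with setuid(), and return
 * (before << 4) | after, where each value is the PR_GET_DUMPABLE result:
 * 0 = no core dump, 1 = dumpable, 2 = dump readable by root only.
 * Returns -1 on error. Hypothetical helper, not qdrouterd code. */
int dumpable_across_setuid(uid_t target)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        int before = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
        if (before < 0 || setuid(target) != 0)
            _exit(0xff);
        int after = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
        if (after < 0)
            _exit(0xff);
        _exit((before << 4) | after);   /* both values fit in 4 bits */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    int code = WEXITSTATUS(status);
    return code == 0xff ? -1 : code;
}

int main(int argc, char **argv)
{
    /* Default target is our own uid, so no credential change happens.
     * Started as root with a service account's numeric uid as argv[1],
     * the child's euid changes and the kernel resets the flag. */
    uid_t target = argc > 1 ? (uid_t)strtoul(argv[1], NULL, 10) : getuid();
    int r = dumpable_across_setuid(target);
    if (r < 0) {
        fprintf(stderr, "could not switch to uid %u\n", (unsigned)target);
        return 1;
    }
    printf("uid %u -> %u: dumpable before=%d after=%d\n",
           (unsigned)getuid(), (unsigned)target, r >> 4, r & 0xf);
    return 0;
}
```

Run without arguments as an ordinary user, the two values are equal because no credential changes; run as root with a non-root numeric uid, `after` shows the `fs.suid_dumpable` setting, which is why the `--user` case above leaves no core file.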


