bneradt opened a new pull request, #414: URL: https://github.com/apache/trafficserver-ci/pull/414
The traffic_crashlog helper uses ptrace to get backtraces from the crashed traffic_server process. For ptrace to work, the process needs either: 1. CAP_SYS_PTRACE in its effective capability set, or 2. YAMA ptrace_scope set to 0 (classic permissions) With Docker's --cap-add=SYS_PTRACE, the capability is only added to the container's initial process but not inherited by child processes like traffic_server and traffic_crashlog. Additionally, YAMA's default ptrace_scope=1 only allows tracing children, not parents. Using --privileged mode gives the container full capabilities and disables security restrictions, allowing traffic_crashlog to ptrace its parent process (traffic_server). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
