Having hard time enabling core dump on CentOS 8.
followed the following steps but did not help. Any idea?
https://www.thegeekdiary.com/how-to-ena ... ntos-rhel/
Thank you!
enable core dump on CentOS 8
Re: enable core dump on CentOS 8
This is a slow moving issue. There's an exact same one 7 years back on CentOS 7 that went mostly unanswered with the only lead pointing to kernel dumps instead of application core dumps. I'm a bit of a Linux neophyte having grown up under BSD where core dumps always show up when they happen and you even get a daemon email about them on reboot.
But I ran into the need to inspect a core dump yesterday and came here after all of google and stack overflow came up empty. I was experimenting on redeploying an old C-API library in Python3.x and the firecrackers started going off.
To cut the long story short, I was stuck just as the OP here and eventually I was able to dump cores freely when I decided to do this development mess as the root user. Obviously this facility is being designed by LT's kernel crowd and not the RMS userland crowd.
To extrapolate, you'd have to arrange the various crash dump core conf.d bits to be developer resource oriented instead of the default /var/crash that belongs to single user mode.
I wanted to post this yesterday when I was in the heat of it and would have posted a possible configuration supporting that; but the Forum would not let me and its taken a day to get in when most of the adrenalin has been consumed elsewhere ... And now. I am actually reluctant because you'd have to suggest code changes to support the userland version of what works out of the box only as root on CentOS 8.
But I ran into the need to inspect a core dump yesterday and came here after all of google and stack overflow came up empty. I was experimenting on redeploying an old C-API library in Python3.x and the firecrackers started going off.
To cut the long story short, I was stuck just as the OP here and eventually I was able to dump cores freely when I decided to do this development mess as the root user. Obviously this facility is being designed by LT's kernel crowd and not the RMS userland crowd.
To extrapolate, you'd have to arrange the various crash dump core conf.d bits to be developer resource oriented instead of the default /var/crash that belongs to single user mode.
I wanted to post this yesterday when I was in the heat of it and would have posted a possible configuration supporting that; but the Forum would not let me and its taken a day to get in when most of the adrenalin has been consumed elsewhere ... And now. I am actually reluctant because you'd have to suggest code changes to support the userland version of what works out of the box only as root on CentOS 8.
Re: enable core dump on CentOS 8
This is not a kernel vs userland thing. What matters here is (1) security, (2) security and (3) security.Obviously this facility is being designed by LT's kernel crowd and not the RMS userland crowd.
Remember that you can easily force an application to dump core by sending a suitable signal with kill, for example SIGABRT. In a core dump file you can inspect the memory state of the process. This way you can find in a core dump all kind of secrets that a process may hold in memory. So by default you cannot create a core dump file of a process that you do not own, including suid processes. And as you discovered, you also need to do some extra work to get core dumps from processes run as/by root. (By the way, this is the reason that core dump files have permissions set such that they are only readable by the executing user and not by other users.)
For a secure system it is also an issue that you consider disk space. Core dump files can be very large and could fill up the disk easily and completely. This is an attack vector to bring down a computer, as computers don't run very well when their disk is full. Therefor the maximum size of core dump files for users is limited or core dumping is disabled for them. Many servers run a task at regular intervals that scan the disks and remove old core dump files.
Processes may even disable their own capability of dumping core files. This is done sometimes by security critical processes like a database, license or authentication server.
See man 5 core for details.