Subject: Re: inn 2.1 dies
To: Jukka Marin <jmarin@pyy.jmp.fi>
From: Greg A. Woods <woods@most.weird.com>
List: port-sparc
Date: 01/22/1999 17:30:27
[ On Fri, January 22, 1999 at 22:42:12 (+0200), Jukka Marin wrote: ]
> Subject: inn 2.1 dies
>
> I have been running inn 2.1 (built from pkgsrc) under SS1+ for a few
> weeks now. Everything works just fine - until innd suddenly dies
> without a trace. No core dumps, no log messages (neither in syslogs,
> nor in inn logs). Sometimes inn works for almost a week, sometimes it
> dies in less than two days.
I dunno if inn is (still?) setuid or not, but in any case you might find
the following patch (for 1.3.3, but almost identical for -current)
helpful for knowing if a process really wanted to dump core. I had
hoped this change would be made to NetBSD, but one developer objected
rather strenuously but without any rational explanation....
Index: kern_sig.c
===================================================================
RCS file: /cvs/NetBSD-1.3/sys/kern/kern_sig.c,v
retrieving revision 1.1.1.2
diff -u -r1.1.1.2 kern_sig.c
--- kern_sig.c 1998/12/27 22:16:47 1.1.1.2
+++ kern_sig.c 1999/01/15 17:34:04
@@ -1007,12 +1007,43 @@
register struct proc *p;
int signum;
{
+ int error;
p->p_acflag |= AXSIG;
if (sigprop[signum] & SA_CORE) {
p->p_sigacts->ps_sig = signum;
- if (coredump(p) == 0)
+ if ((error = coredump(p)) == 0)
signum |= WCOREFLAG;
+ /* XXX it would be really really cool if we logged the cwd too! */
+ switch (error) { /* too bad strerror() isn't in the kernel.... */
+ case 0:
+ log(LOG_DEBUG, "%s: pid %d dumped core\n", p->p_comm, p->p_pid);
+ break;
+ case EAUTH:
+ log(LOG_ERR, "%s: pid %d was set-id, core dump not permitted\n", p->p_comm, p->p_pid);
+ uprintf("%s: pid %d was set-id, core dump not permitted\n", p->p_comm, p->p_pid);
+ break;
+ case EFBIG:
+ log(LOG_NOTICE, "%s: pid %d core dump would exceed rlimit\n", p->p_comm, p->p_pid);
+ uprintf("%s: pid %d core dump would exceed rlimit\n", p->p_comm, p->p_pid);
+ break;
+ case EINVAL:
+ log(LOG_WARNING, "%s: pid %d core dump not permitted over non-regular file\n", p->p_comm, p->p_pid);
+ uprintf("%s: pid %d core dump not permitted over non-regular file\n", p->p_comm, p->p_pid);
+ break;
+ case ENXIO:
+ log(LOG_NOTICE, "%s: pid %d filesystem mount flag prevented core dump\n", p->p_comm, p->p_pid);
+ uprintf("%s: pid %d filesystem mount flag prevented core dump\n", p->p_comm, p->p_pid);
+ break;
+ case EPERM:
+ log(LOG_WARNING, "%s: pid %d core dump not permitted\n", p->p_comm, p->p_pid);
+ uprintf("%s: pid %d core dump not permitted\n", p->p_comm, p->p_pid);
+ break;
+ default:
+ log(LOG_NOTICE, "%s: pid %d core dump failed [%d]\n", p->p_comm, p->p_pid, error);
+ uprintf("%s: pid %d core dump failed [%d]\n", p->p_comm, p->p_pid, error);
+ break;
+ }
}
exit1(p, W_EXITCODE(0, signum));
/* NOTREACHED */
@@ -1039,7 +1070,7 @@
* Make sure the process has not set-id, to prevent data leaks.
*/
if (p->p_flag & P_SUGID)
- return (EPERM);
+ return (EAUTH); /* XXX is there a better error code? */
/*
* Refuse to core if the data + stack + user size is larger than
@@ -1058,7 +1089,7 @@
vp = p->p_fd->fd_cdir;
if (vp->v_mount == NULL ||
(vp->v_mount->mnt_flag & MNT_NOCOREDUMP) != 0)
- return (EPERM);
+ return (ENXIO); /* XXX is there a better error code? */
sprintf(name, "%s.core", p->p_comm);
NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, name, p);
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>