cannot get core dump of crashing freeradius

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Mon Apr 19 16:43:55 CEST 2010


Hi,

> Maybe the info about /proc/sys/fs/suid_dumpable should be added to
> doc/bugs...

to quote the man page:

       /proc/sys/fs/suid_dumpable (since Linux 2.6.13)
              The  value  in  this file determines whether core dump files are
              produced for set-user-ID or  otherwise  protected/tainted  bina-
              ries.  Three different integer values can be specified:

              0 (default)  This  provides  the  traditional (pre-Linux 2.6.13)
              behavior.  A core dump will not be produced for a process  which
              has  changed  credentials  (by calling seteuid(2), setgid(2), or
              similar, or by executing a set-user-ID or set-group-ID  program)
              or whose binary does not have read permission enabled.

              1 ("debug")  All  processes  dump  core when possible.  The core
              dump is owned by the file system user ID of the dumping  process
              and  no security is applied.  This is intended for system debug-
              ging situations only.  Ptrace is unchecked.

              2 ("suidsafe") Any binary which normally  would  not  be  dumped
              (see  "0"  above)  is dumped readable by root only.  This allows
              the user to remove the core dump file but not to read  it.   For
              security  reasons core dumps in this mode will not overwrite one
              another or other files.  This mode is appropriate when  adminis-
              trators  are  attempting  to debug problems in a normal environ-
              ment.


I don't think this got enough coverage in most information outlets... in fact
2.6.13 has been around for a while but today was the first time I learnt of
that behaviour.

maybe the FreeRADIUS code could be updated to detect this value... and if it's
set to 0 then it could mention it in the debug output? ;-)

alan
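
One way the check suggested above could look, as an added example that is not part of the original post and not FreeRADIUS code. The function names are hypothetical; it relies on the kernel resetting a process's "dumpable" flag to the suid_dumpable value when its effective UID or GID changes, so it is meant to run after privileges are dropped.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/resource.h>

/* Parse the text of /proc/sys/fs/suid_dumpable; -1 unless it is 0, 1 or 2. */
int parse_suid_dumpable(const char *text)
{
    char *end;
    long v = strtol(text, &end, 10);

    if (end == text || (*end != '\0' && *end != '\n') || v < 0 || v > 2)
        return -1;
    return (int)v;
}

/* Read the live setting; -1 if the file is missing or unparsable. */
int read_suid_dumpable(void)
{
    char buf[16] = "";
    FILE *fp = fopen("/proc/sys/fs/suid_dumpable", "r");

    if (!fp)
        return -1;
    if (!fgets(buf, sizeof(buf), fp))
        buf[0] = '\0';
    fclose(fp);
    return parse_suid_dumpable(buf);
}

/* dumpable is the result of prctl(PR_GET_DUMPABLE) for this process.
 * Returns a warning for the debug output, or NULL if nothing applies. */
const char *core_dump_warning(int dumpable, rlim_t core_limit)
{
    if (core_limit == 0)
        return "RLIMIT_CORE is 0, no core file will be written";
    if (dumpable == 0)
        return "process is not dumpable, check /proc/sys/fs/suid_dumpable";
    if (dumpable == 2)
        return "core file will be readable by root only (suidsafe)";
    return NULL;
}

int main(void)
{
    struct rlimit rl = { 0, 0 };

    getrlimit(RLIMIT_CORE, &rl);
    const char *w = core_dump_warning(prctl(PR_GET_DUMPABLE, 0, 0, 0, 0), rl.rlim_cur);
    printf("suid_dumpable=%d: %s\n", read_suid_dumpable(), w ? w : "core dumps possible");
    return 0;
}
```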


