Generate core dump for a process run by sudo
Question
To my `/etc/security/limits.conf` I added the following lines and rebooted:

```
root soft core unlimited
* soft core unlimited
```

Now core dumps are generated under my user and under `sudo su`. And in both cases `ulimit -a` shows me the desired:

```
core file size (blocks, -c) unlimited
```

But when under my user I run `sudo bash -c "ulimit -a"` I get:

```
core file size (blocks, -c) 0
```

and core dumps for processes run with `sudo` and destroyed e.g. by SIGSEGV are not generated at `/var/lib/apport/coredump/`. This command also does not help: `sudo bash -c "ulimit -c unlimited"`.

What can be done? Could you please explain why the core dump limit for sudo is different than that of root? I expected that when I run `sudo bash -c "ulimit -a"` I would get values for root. Thank you.
Answer 1
Score: 1
```
# cat /etc/sudoers.d/mysudoers
Defaults rlimit_core=default
```

The answer was found here:

The explanation:

https://manpages.ubuntu.com/manpages/jammy/en/man5/sudoers.5.html :

> Resource limits
>
> ... The one exception to this is the core dump file size, which is set by sudoers to 0 by default. Disabling core dumps by default makes it possible to avoid potential security problems where the core file is treated as trusted input.

Also, note that it's crucial to make `kill -11 $mypid`, where the pid is that of `./myapp`, rather than its parent process `sudo ./myapp`. Note: 11 is SIGSEGV.
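
An added example, not part of the original question or answer: resource limits are per-process and inherited, so a limit changed in a shell that exits right away (the `sudo bash -c "ulimit -c unlimited"` pattern) affects nothing started later, and the limit that matters is the one on the PID of the program itself. The function names and the `sleep` stand-in for `./myapp` are assumptions; Linux `/proc` is required, and the limit is lowered to 0 in the demo because that needs no privileges.

```shell
#!/bin/sh
# Added example: inspect the core-dump limit a process really runs with.
# Function names are hypothetical; "sleep" stands in for ./myapp.

# Print "soft hard" RLIMIT_CORE for a PID, as recorded by the kernel.
core_limit_of_pid() {
    awk '/^Max core file size/ { print $5, $6 }' "/proc/$1/limits"
}

# Soft core limit that a fresh child of the current shell inherits.
child_soft_limit() {
    sh -c 'ulimit -S -c'
}

# Pattern from the question: the limit is changed inside a shell that
# exits immediately, so the next child still sees the old value.
set_in_throwaway_shell() {
    sh -c 'ulimit -S -c 0'
    child_soft_limit
}

# Working pattern: change the limit, then exec the target from that same
# shell, so the target keeps both the PID and the new limit.
# Prints the PID of the started process.
start_with_soft_limit() {
    sh -c 'ulimit -S -c "$1"; exec sleep 30' _ "$1" >/dev/null 2>&1 &
    echo $!
}

demo() {
    echo "inherited soft limit:      $(child_soft_limit)"
    echo "after throwaway shell:     $(set_in_throwaway_shell)"
    pid=$(start_with_soft_limit 0)
    sleep 1   # let the child apply the limit and exec the target
    echo "target $pid (soft hard): $(core_limit_of_pid "$pid")"
    kill "$pid" 2>/dev/null
}

# Run the demonstration with: sh thisfile.sh demo
case "${1:-}" in
    demo) demo ;;
esac
```

For a program started through `sudo`, pass the PID of the program itself to `core_limit_of_pid`, the same PID the answer says to signal.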