From: Zbigniew Jędrzejewski-Szmek Date: Thu, 30 Mar 2023 08:04:18 +0000 (+0200) Subject: pid1: fully disable coredumping to $PWD X-Git-Tag: v254-rc1~857 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=26134d198a00cd3b60028b384b307c0c2d219752;p=thirdparty%2Fsystemd.git pid1: fully disable coredumping to $PWD We have three states: - ENABLE_COREDUMP and systemd-coredump is installed, - ENABLE_COREDUMP but systemd-coredump is not installed, - !ENABLE_COREDUMP. In the last case we would not do any coredumping-related setup in pid1, which means that coredumps would go to to the working directory of the process, but actually limits are set to 0. This is inherited by children of pid1. As discussed extensively in https://github.com/systemd/systemd/pull/26607, this default is bad: dumps are written to arbitrary directories and not cleaned up. Nevertheless, the kernel cannot really fix it. It doesn't know where to write, and it doesn't know when that place would become available. It is only the userspace that can tell this to the kernel. So the only sensible change in the kernel would be to default to '|/bin/false', i.e. do what we do now. In the middle case, we disabled writing of coredumps via a pattern, but raise the RLIMIT_CORE. We need to raise the limit because we can't raise it later after processes have been forked off. This means we behave correctly, but allow coredumping to be enabled at a later point without a reboot. This patch makes the last case behave like the middle case. This means that even if systemd is compiled with systemd-coredump, it still does the usual setup. If users want to restore the kernel default, they need to provide two drop-in files: for sysctl.d, with 'kernel.core_pattern=core' for systemd.conf, with 'DefaultLimitCORE=0'. The general idea is that pid1 does the safe thing. A distro may want to use something different than the systemd-coredump machinery, and then that would could packaged together with the drop-ins to change the configuration. Alternative-for: #26607 --- diff --git a/src/core/main.c b/src/core/main.c index 88bef6740cc..4668d6bc84a 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -1703,7 +1703,6 @@ static void cmdline_take_random_seed(void) { } static void initialize_coredump(bool skip_setup) { -#if ENABLE_COREDUMP if (getpid_cached() != 1) return; @@ -1717,7 +1716,6 @@ static void initialize_coredump(bool skip_setup) { * command line later so core dumps can still be generated during early startup and in initrd. */ if (!skip_setup) disable_coredumps(); -#endif } static void initialize_core_pattern(bool skip_setup) {