How to enable coredumps for daemon process (services) in RHEL
Environment
- Red Hat Enterprise Linux (RHEL) 5
- Red Hat Enterprise Linux (RHEL) 6
- Red Hat Enterprise Linux (RHEL) 7
- Red Hat Enterprise Linux (RHEL) 8
- Red Hat Enterprise Linux (RHEL) 9
Issue
- How to enable coredumps for daemon process (services) in RHEL
Resolution
-
Core dumps are not generated by processes that are running
setuid()
to prevent sensitive information being leaked. This is a default behaviour on Linux systems. Daemon process runningsetuid()
would not dump core. Please note that a process that executesset-use-ID
ed program behaves as a process runningsetuid()
.- To enable core dumps for
setuid()
programs (for the running kernel, not persistent over reboots):
#"suidsafe" (recommended) - protect privileged information by having the core dump be owned by and only readable for root: # sysctl -w fs.suid_dumpable=2 #”debug" (may cause privileged information to be leaked): # sysctl -w fs.suid_dumpable=1
- For permanent settings (persistent over reboots), add the below in
sysctl
configuration in/etc/sysctl.conf
.
fs.suid_dumpable = 2
- Reload in
sysctl
settings.
# sysctl -p
- To enable core dumps for
-
Note that changes to ulimit [1] settings do not affect daemon processes which are already running, so you need to restart any daemons for which you want to enable core dumps. Alternatively, you can reboot the system to have the new settings take effect for all daemons.
Configurations for different RHEL versions :
-
Red Hat Enterprise Linux 5 :
- Add the below
sysctl
parameters.
kernel.core_pattern=/var/tmp/core kernel.core_uses_pid=1 fs.suid_dumpable=2
/var/tmp/core
is an example in above configuration.# sysctl -p
- Enable daemon corefile limit globally by editing the
/etc/sysconfig/init
file.
# Added to enable coredumps for daemon processes DAEMON_COREFILE_LIMIT='unlimited'
- Make sure that below line is uncommented in
/etc/init.d/functions
corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}"
- Add the below
-
Red Hat Enterprise Linux 6 :
- Add the below
sysctl
parameters.
fs.suid_dumpable=2
# sysctl -p
- Enable daemon corefile limit globally by editing the
/etc/sysconfig/init
file.
# Added to enable coredumps for daemon processes DAEMON_COREFILE_LIMIT='unlimited'
- Make sure that below line is uncommented in
/etc/init.d/functions
corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}"
- Add the below
-
Red Hat Enterprise Linux 7, 8, 9 :
- In
RHEL 7, 8, 9
, the limit is set bysystemd
, add the following setting in/etc/systemd/system.conf
and runsystemctl daemon-reexec
.
DefaultLimitCORE=infinity
- Now, add the below
sysctl
parameters.
fs.suid_dumpable=2
# sysctl -p
- Refer to this KB How to collect application coredump without abrtd service in RHEL7, 8, 9? for details.
- In
-
Red Hat Enterprise Linux 6, 7 and 8
has a service called ABRT [2], which automatically collects the core dump files on the server and stores them inside the/var/spool/abrt
. Thekernel.core_pattern
values are managed byabrtd
services.
Additional References :
[1] How to enable core file dumps when an application crashes or segmentation faults
[2] How to collect core dump file of a crashing program that is shipped in Red Hat Enterprise Linux 6/7/8?
[3] How to collect application coredump without abrtd service in RHEL7
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments