Mercurial > dovecot > original-hg > dovecot-1.2
changeset 8798:c9381a0fdc5e HEAD
Improved logging for core dumping. With Linux use PR_SET_DUMPABLE for imap/pop3.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 02 Mar 2009 21:04:11 -0500 |
parents | 3e3aba4a3acd |
children | 969d23a89379 |
files | configure.in src/imap/main.c src/lib/restrict-access.c src/lib/restrict-access.h src/master/child-process.c src/master/common.h src/master/main.c src/pop3/main.c |
diffstat | 8 files changed, 63 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/configure.in Mon Mar 02 20:23:31 2009 -0500 +++ b/configure.in Mon Mar 02 21:04:11 2009 -0500 @@ -1056,6 +1056,18 @@ AC_DEFINE(HAVE_RLIMIT_CORE,, Define if you have RLIMIT_CORE for getrlimit()) ],[]) +AC_MSG_CHECKING([PR_SET_DUMPABLE]) +AC_TRY_LINK([ + #include <sys/prctl.h> +], [ + prctl(PR_SET_DUMPABLE, 1, 0, 0, 0); +], [ + AC_DEFINE(HAVE_PR_SET_DUMPABLE,, Define if you have prctl(PR_SET_DUMPABLE)) + AC_MSG_RESULT(yes) +], [ + AC_MSG_RESULT(no) +]) + dnl * Linux compatible mremap() AC_MSG_CHECKING([Linux compatible mremap()]) AC_TRY_LINK([
--- a/src/imap/main.c Mon Mar 02 20:23:31 2009 -0500 +++ b/src/imap/main.c Mon Mar 02 21:04:11 2009 -0500 @@ -157,6 +157,7 @@ } restrict_access_by_env(!IS_STANDALONE()); + restrict_access_allow_coredumps(TRUE); } static void main_init(void)
--- a/src/lib/restrict-access.c Mon Mar 02 20:23:31 2009 -0500 +++ b/src/lib/restrict-access.c Mon Mar 02 21:04:11 2009 -0500 @@ -13,6 +13,9 @@ #include <time.h> #include <pwd.h> #include <grp.h> +#ifdef HAVE_PR_SET_DUMPABLE +# include <sys/prctl.h> +#endif static gid_t process_primary_gid = (gid_t)-1; static gid_t process_privileged_gid = (gid_t)-1; @@ -370,6 +373,13 @@ env_put("RESTRICT_GID_LAST="); } +void restrict_access_allow_coredumps(bool allow ATTR_UNUSED) +{ +#ifdef HAVE_PR_SET_DUMPABLE + (void)prctl(PR_SET_DUMPABLE, allow, 0, 0, 0); +#endif +} + int restrict_access_use_priv_gid(void) { i_assert(!process_using_priv_gid);
--- a/src/lib/restrict-access.h Mon Mar 02 20:23:31 2009 -0500 +++ b/src/lib/restrict-access.h Mon Mar 02 21:04:11 2009 -0500 @@ -15,6 +15,10 @@ environment settings and we have root uid or gid. */ void restrict_access_by_env(bool disallow_root); +/* Try to set up the process in a way that core dumps are still allowed + after calling restrict_access_by_env(). */ +void restrict_access_allow_coredumps(bool allow); + /* If privileged_gid was set, these functions can be used to temporarily gain access to the group. */ int restrict_access_use_priv_gid(void);
--- a/src/master/child-process.c Mon Mar 02 20:23:31 2009 -0500 +++ b/src/master/child-process.c Mon Mar 02 21:04:11 2009 -0500 @@ -127,6 +127,35 @@ return NULL; } +static void +log_coredump(string_t *str, enum process_type process_type, int status) +{ +#ifdef WCOREDUMP + int signum = WTERMSIG(status); + + if (WCOREDUMP(status)) { + str_append(str, " (core dumped)"); + return; + } + + if (signum != SIGABRT && signum != SIGSEGV && signum != SIGBUS) + return; + + /* let's try to figure out why we didn't get a core dump */ + if (process_type != PROCESS_TYPE_IMAP && + process_type != PROCESS_TYPE_POP3) + str_append(str, " (core not dumped)"); +#ifndef HAVE_PR_SET_DUMPABLE + else if (!settings_root->defaults->mail_drop_priv_before_exec) + str_append(str, " (core not dumped - set mail_drop_priv_before_exec=yes)"); +#endif + else if (core_dumps_disabled) + str_printfa(str, " (core dumps disabled)"); + else + str_append(str, " (core not dumped - is home dir set?)"); +#endif +} + static void sigchld_handler(int signo ATTR_UNUSED, void *context ATTR_UNUSED) { @@ -181,6 +210,7 @@ str_printfa(str, "child %s (%s) killed with signal %d", dec2str(pid), process_type_name, WTERMSIG(status)); + log_coredump(str, process_type, status); } if (str_len(str) > 0) {
--- a/src/master/common.h Mon Mar 02 20:23:31 2009 -0500 +++ b/src/master/common.h Mon Mar 02 21:04:11 2009 -0500 @@ -15,6 +15,7 @@ extern char ssl_manual_key_password[]; extern const char *env_tz; extern bool auth_success_written; +extern bool core_dumps_disabled; #ifdef DEBUG extern bool gdb; #endif
--- a/src/master/main.c Mon Mar 02 20:23:31 2009 -0500 +++ b/src/master/main.c Mon Mar 02 21:04:11 2009 -0500 @@ -46,6 +46,7 @@ char ssl_manual_key_password[100]; const char *env_tz; bool auth_success_written; +bool core_dumps_disabled; #ifdef DEBUG bool gdb; #endif @@ -264,7 +265,9 @@ #define STARTUP_STRING PACKAGE_NAME" v"VERSION" starting up" rlim_t core_limit; - if (restrict_get_core_limit(&core_limit) == 0 && core_limit == 0) + core_dumps_disabled = restrict_get_core_limit(&core_limit) == 0 && + core_limit == 0; + if (core_dumps_disabled) i_info(STARTUP_STRING" (core dumps disabled)"); else i_info(STARTUP_STRING);