gestion des cores

mercredi 17 septembre 2008
par  Jerome ROBERT
popularité : 4%


Fini les fichiers "core" répartie sur toute lµarborescance de votre
système !!

Voici un script qui va vous permettre de les possissionner dans un répertorie
de votre choix en utilisant la commande "coreadm".

Le script : 
core_script.sh

# ! /sbin/sh
#
mkdir -p /var/core/
coreadm -g /var/core/core.%f.%t.%u.%n
coreadm -d process -d global-setid -d proc-setid -e log -e global

Voici la page de man de la commande coreadm :

Maintenance Commands				      coreadm(1M)

NAME
coreadm - core file administration

SYNOPSIS
coreadm [ -g pattern ] [ -i pattern ] [ -d option ... ] [
-e option ... ]

coreadm [ -p pattern ] [ pid ... ]

coreadm -u

DESCRIPTION
The coreadm command is used to specify the name and location
of core files produced by abnormally-terminating processes.
See core(4).

The first form shown in the synopsis can be executed only by
the super-user and is used to configure system-wide core
file options, including a global core file name pattern and
a per-process core file name pattern for the init(1M) pro-
cess. All such settings are saved in coreadm’s configuration
file /etc/coreadm.conf for setting on reboot. See init(1M)

The second form can be executed by non-privileged users and
is used to specify the file name pattern to be used by the
operating system when generating a per-process core file.

The third form can be executed only by the super-user and is
used to update all system-wide core file options based on
the contents of /etc/coreadm.conf. Normally this option is
used only on reboot by the startup script
/etc/init.d/coreadm.

A core file name pattern is a normal file system path name
with embedded variables, specified with a leading % charac-
ter, that are expanded from values in effect when a core
file is generated by the operating system. The possible
variables are :

%p process-ID

%u effective user-ID

%g effective group-ID

%f executable file name

%n system node name (uname -n)

%m machine name (uname -m)

%t decimal value of time(2)

 %% literal %

For example, the core file name pattern :

/var/core/core.%f.%p
would result, for command foo with process-ID 1234, in the
core file name : /var/core/core.foo.1234

The coreadm command with no arguments reports the current
system configuration, for example :

$ coreadm
global core file pattern : /var/core/core.%f.%p
init core file pattern : core
global core dumps : enabled
per-process core dumps : enabled
global setid core dumps : enabled
per-process setid core dumps : disabled
global core dump logging : disabled

The coreadm command with only a list of process-IDs reports
each process’s per-process core file name pattern, for exam-
ple :

$ coreadm 278 5678
278 : core.%f.%p
5678 : /home/george/cores/%f.%p.%t
Only the owner of a process or the super-user can interro-
gate a process in this manner.

When a process is dumping core, the operating system will
generate two possible core files, the global core file and
the per-process core file. Both files, one or the other, or
no file will be generated, based on the system options in
effect at the time.

When generated, a global core file will be created mode 600
and will be owned by the super-user. Non-privileged users
cannot examine such files.

Ordinary per-process core files are created mode 600 under
the credentials of the process. The owner of the process can
examine such files.

A process that is or ever has been setuid or setgid since
its last exec(2), including a process that began life with
super-user privileges and gave up that privilege by way of
setuid(2), presents security issues with respect to dumping
core, as it may contain sensitive information in its address
space to which the current non-privileged owner of the pro-
cess should not have access. If setid core files are
enabled, they will be created mode 600 and will be owned by
the super-user.

OPTIONS
The following options are supported :

-g pattern
Set the global core file name pattern to pattern.
The pattern must start with a / and can contain
any of the special % variables described in the
DESCRIPTION.

Only super-users can use this option.

-i pattern
Set the per-process core file name pattern for
init(1M) to pattern. This is the same as coreadm
-p pattern 1 except that the setting will be per-
sistent across reboot.

Only super-users can use this option.

-e option...
Enable the specified core file option. Specify
option as one of the following :

global
Allow core dumps using global core pattern

process
Allow core dumps using per-process core
pattern

global-setid
Allow set-id core dumps using global core
pattern

proc-setid
Allow set-id core dumps using per-process
core pattern

log Generate a syslog(3C) message when genera-
tion of a global core file is attempted.

Multiple -e and -d options can be specified on the com-
mand line. Only super-users can use this option.

-d option...
Disable the specified core file option. See the
-e option for descriptions of possible options.

Multiple -e and -d options can be specified on
the command line. Only super-users can use this
option.

-p pattern
Set the per-process core file name pattern to
pattern for each of the specified process-IDs.
The pattern can contain any of the special %
variables described in the DESCRIPTION and need
not begin with /. If it does not begin with /, it
will be evaluated relative to the current direc-
tory in effect when the process generates a core
file.

A non-privileged user can apply the -p option
only to processes owned by that user. The super-
user can apply it to any process. The per-
process core file name pattern will be inherited
by future child processes of the affected
processes. See fork(2).

-u Update system-wide core file options from the
contents of the configuration file
/etc/coreadm.conf. If the configuration file is
missing or contains invalid values, default
values are substituted. Following the update, the
configuration file is resynchronized with the
system core file configuration. Only super-users
can use this option.

OPERANDS
The following operands are supported :

pid process-ID

EXIT STATUS
The following exit values are returned :

0 Successful completion.

1 A fatal error occurred while either obtaining or
modifying the system core file configuration.

2 Invalid command line options were specified.

EXAMPLES
Example 1 : Setting the core file name pattern

When executed from a user’s $HOME/.profile or $HOME/.login,
the following command sets the core file name pattern for
all processes run during the login session :

example$ coreadm -p core.%f.%p $$
$$ is the process-id of the currently running shell. The
per-process core file name pattern is inherited by all child
processes.

Example 2 : Dumping user’s files into a subdirectory

The following command dumps all of the user’s core dumps
into the corefiles subdirectory of the home directory,
discriminated by the system node name. This is useful for
users who use many different machines but have a shared home
directory.

example$ coreadm -p $HOME/corefiles/%n.%f.%p $$

FILES
/etc/init.d/coreadm

/etc/coreadm.conf

ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes :

____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|

SEE ALSO
gcore(1), init(1M), exec(2), fork(2), setuid(2), time(2),
syslog(3C), core(4), attributes(5)


Commentaires  Forum fermé

Navigation

Statistiques

Dernière mise à jour

mercredi 5 juillet 2017

Publication

264 Articles
Aucun album photo
Aucune brève
6 Sites Web
2 Auteurs

Visites

9 aujourd’hui
231 hier
545762 depuis le début
8 visiteurs actuellement connectés