Merge pull request #7836 from jkloetzke/shutdown-no-coredumps

shutdown: prevent core dumps in final shutdown stage
2018-01-10 15:15:07 +01:00 · 2018-01-10 15:15:07 +01:00 · 4631116dd9
parent 2de9740c1c 27b372c1c2
commit 4631116dd9
5 changed files with 15 additions and 2 deletions
--- a/src/basic/util.c
+++ b/src/basic/util.c
@ -61,6 +61,7 @@
 #include "umask-util.h"
 #include "user-util.h"
 #include "util.h"
+#include "virt.h"

 int saved_argc = 0;
 char **saved_argv = NULL;
@ -615,3 +616,9 @@ int str_verscmp(const char *s1, const char *s2) {

        return strcmp(os1, os2);
 }
+
+/* Turn off core dumps but only if we're running outside of a container. */
+void disable_core_dumps(void) {
+        if (detect_container() <= 0)
+                (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
+}
--- a/src/basic/util.h
+++ b/src/basic/util.h
@ -191,3 +191,5 @@ int update_reboot_parameter_and_warn(const char *param);
 int version(void);

 int str_verscmp(const char *s1, const char *s2);
+
+void disable_core_dumps(void);
--- a/src/core/main.c
+++ b/src/core/main.c
@ -91,6 +91,7 @@
 #include "terminal-util.h"
 #include "umask-util.h"
 #include "user-util.h"
+#include "util.h"
 #include "virt.h"
 #include "watchdog.h"

@ -1603,7 +1604,7 @@ static void initialize_coredump(bool skip_setup) {
        /* But at the same time, turn off the core_pattern logic by default, so that no coredumps are stored
         * until the systemd-coredump tool is enabled via sysctl. */
        if (!skip_setup)
-                (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
+                disable_core_dumps();
 }

 static void do_reexecute(
--- a/src/core/shutdown.c
+++ b/src/core/shutdown.c
@ -323,6 +323,9 @@ int main(int argc, char *argv[]) {
        if (!in_container)
                sync_with_progress();

+        /* Prevent coredumps */
+        disable_core_dumps();
+
        log_info("Sending SIGTERM to remaining processes...");
        broadcast_signal(SIGTERM, true, true);

--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@ -1126,7 +1126,7 @@ static int gather_pid_metadata(
                /* If this is PID 1 disable coredump collection, we'll unlikely be able to process it later on. */
                if (is_pid1_crash((const char**) context)) {
                        log_notice("Due to PID 1 having crashed coredump collection will now be turned off.");
-                        (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
+                        disable_core_dumps();
                }

                set_iovec_field(iovec, n_iovec, "COREDUMP_UNIT=", context[CONTEXT_UNIT]);