tree-wide: introduce disable_core_dumps helper and port existing users

Changes the core_pattern to prevent any core dumps by the kernel. Does nothing if we're in a container environment as this is system wide setting.
2018-01-10 10:36:14 +01:00 · 2018-01-10 10:36:14 +01:00 · 9ce1759311
parent 27c34f732e
commit 9ce1759311
4 changed files with 12 additions and 2 deletions
--- a/src/basic/util.c
+++ b/src/basic/util.c
@ -61,6 +61,7 @@
 #include "umask-util.h"
 #include "user-util.h"
 #include "util.h"
+#include "virt.h"

 int saved_argc = 0;
 char **saved_argv = NULL;
@ -615,3 +616,9 @@ int str_verscmp(const char *s1, const char *s2) {

        return strcmp(os1, os2);
 }
+
+/* Turn off core dumps but only if we're running outside of a container. */
+void disable_core_dumps(void) {
+        if (detect_container() <= 0)
+                (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
+}
--- a/src/basic/util.h
+++ b/src/basic/util.h
@ -191,3 +191,5 @@ int update_reboot_parameter_and_warn(const char *param);
 int version(void);

 int str_verscmp(const char *s1, const char *s2);
+
+void disable_core_dumps(void);
--- a/src/core/main.c
+++ b/src/core/main.c
@ -91,6 +91,7 @@
 #include "terminal-util.h"
 #include "umask-util.h"
 #include "user-util.h"
+#include "util.h"
 #include "virt.h"
 #include "watchdog.h"

@ -1603,7 +1604,7 @@ static void initialize_coredump(bool skip_setup) {
        /* But at the same time, turn off the core_pattern logic by default, so that no coredumps are stored
         * until the systemd-coredump tool is enabled via sysctl. */
        if (!skip_setup)
-                (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
+                disable_core_dumps();
 }

 static void do_reexecute(
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@ -1126,7 +1126,7 @@ static int gather_pid_metadata(
                /* If this is PID 1 disable coredump collection, we'll unlikely be able to process it later on. */
                if (is_pid1_crash((const char**) context)) {
                        log_notice("Due to PID 1 having crashed coredump collection will now be turned off.");
-                        (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
+                        disable_core_dumps();
                }

                set_iovec_field(iovec, n_iovec, "COREDUMP_UNIT=", context[CONTEXT_UNIT]);