[openwrt]coredump设置
![[openwrt]coredump设置](http://pic.ttrar.cn/nice/%5bopenwrt%5dcor.jpg)
coredump开关
openwrt中一般默认没有打开coredump功能,所以我们要先开启改功能,按照下面的配置开启之后,如果进程异常崩溃了,则会在/tmp目录下生成coredump文件。
ulimit -c unlimited
coredump文件格式core_pattern
echo "/tmp/core-%e-%p-%t" > /proc/sys/kernel/core_pattern
%c 转储文件的大小上限
%e 所dump的文件名
%g 所dump的进程的实际组ID
%h 主机名
%p 所dump的进程PID
%s 导致本次coredump的信号
%t 转储时刻(由1970年1月1日起计的秒数)
%u 所dump进程的实际用户ID
echo "1" > /proc/sys/fs/suid_dumpable
/proc/sys/fs/suid_dumpable (since Linux 2.6.13)
The value in this file determines whether core dump files are produced for set-
user-ID or otherwise protected/tainted binaries. Three different integer val‐
ues can be specified:
0 (default)
This provides the traditional (pre-Linux 2.6.13) behavior. A core dump
will not be produced for a process which has changed credentials (by
calling seteuid(2), setgid(2), or similar, or by executing a set-user-ID
or set-group-ID program) or whose binary does not have read permission
enabled.
1 ("debug")
All processes dump core when possible. The core dump is owned by the
filesystem user ID of the dumping process and no security is applied.
This is intended for system debugging situations only. Ptrace is
unchecked.
2 ("suidsafe")
Any binary which normally would not be dumped (see "0" above) is dumped
readable by root only. This allows the user to remove the core dump
file but not to read it. For security reasons core dumps in this mode
will not overwrite one another or other files. This mode is appropriate
when administrators are attempting to debug problems in a normal envi‐
ronment.
Additionally, since Linux 3.6, /proc/sys/kernel/core_pattern must either
be an absolute pathname or a pipe command, as detailed in core(5).
Warnings will be written to the kernel log if core_pattern does not fol‐
low these rules, and no core dump will be produced.
手动触发coredump
kill -s SIGABRT pid 或者 kill -6 pid
kill -s SIGSEGV pid 或者 kill -11 pid
man 5 core可以查看linux对coredump的说明。
