in mworker mode used with uid/gid settings, it was not possible to get
a coredump despite the set-dumpable option.
indeed prctl(2) manual page specifies the dumpable attribute is reverted
to `/proc/sys/fs/suid_dumpable` in a few conditions such as process
effective user and group are changed.

this patch duplicates the prctl part done earlier in the init, but after
the uid/gid changes. There might be a cleaner way to do it and avoid
code duplication.

this patch should be backported in 2.0.

Signed-off-by: William Dauchy <w.dau...@criteo.com>
---
 src/haproxy.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/haproxy.c b/src/haproxy.c
index cf23c396..2fee07b5 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -3332,6 +3332,15 @@ int main(int argc, char **argv)
                        exit(1);
                }
 
+               /* if the process's effective uid or gid changed set dumpable 
has been reset */
+               if (global.tune.options & GTUNE_SET_DUMPABLE) {
+#if defined(USE_PRCTL)
+                       if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) == -1)
+                               ha_warning("[%s.main()] Failed to set the 
dumpable flag, "
+                                          "no core will be dumped.\n", 
argv[0]);
+#endif
+               }
+
                /* pass through every cli socket, and check if it's bound to
                 * the current process and if it exposes listeners sockets.
                 * Caution: the GTUNE_SOCKET_TRANSFER is now set after the fork.
-- 
2.24.0


Reply via email to