in mworker mode used with uid/gid settings, it was not possible to get
a coredump despite the set-dumpable option.
indeed prctl(2) manual page specifies the dumpable attribute is reverted
to `/proc/sys/fs/suid_dumpable` in a few conditions such as process
effective user and group are changed.
this patch duplicates the prctl part done earlier in the init, but after
the uid/gid changes. There might be a cleaner way to do it and avoid
code duplication.
this patch should be backported in 2.0.
Signed-off-by: William Dauchy <w.dau...@criteo.com>
---
src/haproxy.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/haproxy.c b/src/haproxy.c
index cf23c396..2fee07b5 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -3332,6 +3332,15 @@ int main(int argc, char **argv)
exit(1);
}
+ /* if the process's effective uid or gid changed set dumpable
has been reset */
+ if (global.tune.options & GTUNE_SET_DUMPABLE) {
+#if defined(USE_PRCTL)
+ if (prctl(PR_SET_DUMPABLE, 1, 0, 0, 0) == -1)
+ ha_warning("[%s.main()] Failed to set the
dumpable flag, "
+ "no core will be dumped.\n",
argv[0]);
+#endif
+ }
+
/* pass through every cli socket, and check if it's bound to
* the current process and if it exposes listeners sockets.
* Caution: the GTUNE_SOCKET_TRANSFER is now set after the fork.
--
2.24.0
