From owner-freebsd-stable@FreeBSD.ORG  Wed Nov  1 21:18:05 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3940116A40F
	for <freebsd-stable@freebsd.org>; Wed,  1 Nov 2006 21:18:05 +0000 (UTC)
	(envelope-from jdc@koitsu.dyndns.org)
Received: from sccrmhc11.comcast.net (sccrmhc11.comcast.net [204.127.200.81])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 62E0F43D69
	for <freebsd-stable@freebsd.org>; Wed,  1 Nov 2006 21:18:00 +0000 (GMT)
	(envelope-from jdc@koitsu.dyndns.org)
Received: from icarus.home.lan
	(c-67-174-220-97.hsd1.ca.comcast.net[67.174.220.97])
	by comcast.net (sccrmhc11) with ESMTP
	id <2006110121175901100cjno0e>; Wed, 1 Nov 2006 21:17:59 +0000
Received: by icarus.home.lan (Postfix, from userid 1000)
	id B90AC1FA01A; Wed,  1 Nov 2006 13:17:58 -0800 (PST)
Date: Wed, 1 Nov 2006 13:17:58 -0800
From: Jeremy Chadwick <freebsd@jdc.parodius.com>
To: Nguyen Tam Chinh <chinhngt@sectorb.msk.ru>
Message-ID: <20061101211758.GA38225@icarus.home.lan>
Mail-Followup-To: Nguyen Tam Chinh <chinhngt@sectorb.msk.ru>,
	Mark Andrews <Mark_Andrews@isc.org>, freebsd-stable@freebsd.org
References: <200611011927.kA1JRCCE002777@drugs.dv.isc.org>
	<20061101231511.U923@it.hackers>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20061101231511.U923@it.hackers>
X-PGP-Key: http://jdc.parodius.com/pubkey.asc
User-Agent: Mutt/1.5.13 (2006-08-11)
Cc: Mark Andrews <Mark_Andrews@isc.org>, freebsd-stable@freebsd.org
Subject: Re: bind9 trouble in -PRERELEASE
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Nov 2006 21:18:05 -0000

On Wed, Nov 01, 2006 at 11:40:39PM +0300, Nguyen Tam Chinh wrote:
> I don't think that I can do a stack backtrace when named left no core 
> after that.

No core is being left either due to limits (limit/ulimit) being
imposed on the user or group 'bind', or because chroot precautions
are being used.

The way to work around this, assuming the box isn't being used by
end-users for application development (thus needing their own
corefiles for their apps), is to do the following in sysctl.conf:

kern.sugid_coredump=1
kern.corefile=/some/absolute/path/%N.%P.core

You can adjust these in realtime with sysctl as well.

Be sure to specify an absolute path that the 'bind' account has
write access to, and is big enough to fit a decent-sized coredump.
If you have a large /var filesystem, /var/tmp is an OK place.

-- 
| Jeremy Chadwick                                 jdc at parodius.com |
| Parodius Networking                        http://www.parodius.com/ |
| UNIX Systems Administrator                   Mountain View, CA, USA |
| Making life hard for others since 1977.               PGP: 4BD6C0CB |