Date: Fri, 1 Apr 2016 07:26:24 +0200 From: Terje Elde <terje@elde.net> To: J David <j.david.lists@gmail.com> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org> Subject: Re: Catching core files in read-only jails Message-ID: <16281C09-B7D2-43C4-B2E1-98AF02DAB24A@elde.net> In-Reply-To: <CABXB=RTHetL-mjehjSaTVT2ipLTQySE2Y8UCUQXcM7_hWV3g_Q@mail.gmail.com> References: <CABXB=RTHetL-mjehjSaTVT2ipLTQySE2Y8UCUQXcM7_hWV3g_Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 01 Apr 2016, at 06:45, J David <j.david.lists@gmail.com> wrote: >=20 > If an application is running on a production server in a read-only > jail for security purposes, and it crashes occasionally due to some > unknown bug, is there any way to catch a core file? Wherever you allow it to write core files, would be writable by the jail, at= least those files. It's tempting to recommend a single writable, but no-exe= c and no-suid dir inside the jail, and point cores there. It's an easy fix, a= nd the alternative - allow writes outside the jail - probably isn't any bett= er. If you're concerned about something being persisted in the jail, you can wip= e or even recreate that dir whenever you're starting the jail.=20 Terje
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?16281C09-B7D2-43C4-B2E1-98AF02DAB24A>