Date: Fri, 1 Apr 2016 07:26:24 +0200
From: Terje Elde <terje@elde.net>
To: J David <j.david.lists@gmail.com>
Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>, "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>
Subject: Re: Catching core files in read-only jails
Message-ID: <16281C09-B7D2-43C4-B2E1-98AF02DAB24A@elde.net>
In-Reply-To: <CABXB=RTHetL-mjehjSaTVT2ipLTQySE2Y8UCUQXcM7_hWV3g_Q@mail.gmail.com>
References: <CABXB=RTHetL-mjehjSaTVT2ipLTQySE2Y8UCUQXcM7_hWV3g_Q@mail.gmail.com>

> On 01 Apr 2016, at 06:45, J David <j.david.lists@gmail.com> wrote:
>
> If an application is running on a production server in a read-only
> jail for security purposes, and it crashes occasionally due to some
> unknown bug, is there any way to catch a core file?

Wherever you allow it to write core files, would be writable by the jail, at least those files.

It's tempting to recommend a single writable, but no-exec and no-suid dir inside the jail, and point cores there. It's an easy fix, and the alternative - allow writes outside the jail - probably isn't any better.

If you're concerned about something being persisted in the jail, you can wipe or even recreate that dir whenever you're starting the jail.

Terje
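
The setup suggested in the reply above, as an added example that is not part of the original message: a host-side script, run before the jail starts, that recreates a tmpfs core directory mounted noexec,nosuid and points kern.corefile at it. The /var/cores location, the size cap and the file name pattern are assumptions; the script only prints its commands unless DRY_RUN=0 is set.

```shell
#!/bin/sh
# Added example, not from the original message. Run on the host before the
# jail starts (for instance from a pre-start hook).
# Assumptions: /var/cores inside the jail, the 512m cap and the core file
# name pattern are constructed values for illustration.

CORE_SUBDIR="var/cores"          # hypothetical path inside the jail
CORE_SIZE="512m"                 # constructed upper bound for stored cores
CORE_PATTERN="/$CORE_SUBDIR/%N.%P.core"   # %N = process name, %P = pid

# Print the command in dry-run mode (the default), execute it otherwise.
run() {
    if [ "${DRY_RUN:-1}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# setup_core_dir JAILROOT: give the jail one fresh, writable core directory.
setup_core_dir() {
    jroot=${1:-}
    jroot=${jroot%/}
    case "$jroot" in
        /?*) ;;                  # absolute path other than "/"
        *) echo "usage: setup_core_dir /absolute/jail/root" >&2; return 2 ;;
    esac
    dir="$jroot/$CORE_SUBDIR"

    # Unmounting the previous tmpfs discards whatever the last run left
    # behind, so nothing persists across jail restarts.
    run umount -f "$dir" 2>/dev/null || true
    # On a read-only root the mount point has to exist in the image already;
    # mkdir -p then succeeds without writing anything.
    run mkdir -p "$dir" || return 1
    # Writable, but nothing stored here can be executed or gain privileges.
    run mount -t tmpfs -o "noexec,nosuid,size=$CORE_SIZE,mode=1777" \
        tmpfs "$dir" || return 1
    # The sysctl is set on the host and applies system-wide. Assumes the
    # kernel resolves this absolute path against the crashing process's
    # root, i.e. inside the jail.
    run sysctl "kern.corefile=$CORE_PATTERN" || return 1
}

# Stand-alone use: sh thisfile /path/to/jail   (set DRY_RUN=0 to apply)
if [ "$#" -eq 1 ]; then
    setup_core_dir "$1"
fi
```

Because the directory is a tmpfs, collected cores disappear on unmount or reboot, so copy them off from the host before restarting the jail.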
