Catching core files in read-only jails
Terje Elde
terje at elde.net
Fri Apr 1 05:35:00 UTC 2016
> On 01 Apr 2016, at 06:45, J David <j.david.lists at gmail.com> wrote:
>
> If an application is running on a production server in a read-only
> jail for security purposes, and it crashes occasionally due to some
> unknown bug, is there any way to catch a core file?
Wherever you allow it to write core files would be writable by the jail, at least those files. It's tempting to recommend a single writable but no-exec and no-suid dir inside the jail, and point cores there. It's an easy fix, and the alternative - allow writes outside the jail - probably isn't any better.
If you're concerned about something being persisted in the jail, you can wipe or even recreate that dir whenever you're starting the jail.
Terje
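
A configuration sketch of the setup suggested in the reply above, added here as an example and not taken from the original message. The jail name, paths, uid and size are hypothetical, and it assumes that an absolute kern.corefile path is resolved against the crashing process's root directory, so a jailed process writes into the jail's own /var/cores.

```conf
# --- /etc/jail.conf (host) -- added example, all names hypothetical ---
app {
    path = "/jails/app";              # jail root, assumed to be mounted read-only
    host.hostname = "app.example.org";

    # The single writable directory: a tmpfs mounted over an existing, empty
    # /var/cores inside the read-only root. noexec and nosuid mean nothing
    # dropped there can be run or gain privileges. uid=80 is the assumed
    # uid of the application user; mode=0700 keeps other users out.
    # tmpfs is recreated empty on every jail start, so nothing persists.
    mount += "tmpfs /jails/app/var/cores tmpfs rw,noexec,nosuid,size=512m,uid=80,mode=0700 0 0";

    exec.start = "/bin/sh /etc/rc";
    exec.stop  = "/bin/sh /etc/rc.shutdown";
}

# --- /etc/sysctl.conf (host) ---
# kern.corefile is a host-wide setting, so it also applies to processes
# outside the jail; the host needs its own /var/cores if it should catch
# cores too. %N is the process name, %P the pid.
kern.corefile=/var/cores/%N.%P.core
```

Copy the core files out from the host side (here /jails/app/var/cores) before stopping the jail, since unmounting the tmpfs discards them.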