2014年8月8日 星期五

Linux Core Dump

CONFIG_ELF_CORE
CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS

Busybox uses softlimit to set RLIMIT_CORE.

sysctl -w "kernel.core_pattern=/var/cores/%h-%e-%p.core"; mkdir /var/cores -p;
sysctl -w "kernel.core_pattern=/core";
sysctl -w "kernel.core_pattern=/tmp/core-%e-%s-%u-%g-%p-%t";
sysctl -w "kernel.core_uses_pid=1";
sysctl -w "fs.suid_dumpable=2";

cat /proc/sys/kernel/core_pattern;
cat /proc/sys/kernel/core_uses_pid;
cat /proc/sys/fs/suid_dumpable;

mount -t tmpfs tmpfs /tmp;
softlimit -c 1048576 /mnt/app/test &

killall -11 test
kill -s SIGSEGV 8257
ls -al /var/cores
ls -al /tmp




Linux Applications Debugging Techniques/Core files - Wikibooks, open books for an open world
http://en.wikibooks.org/wiki/Linux_Applications_Debugging_Techniques/Core_files

HowTo: Debug Crashed Linux Application Core Files Like A Pro - nixCraft
http://www.cyberciti.biz/tips/linux-core-dumps.html

core(5) - Linux manual page
http://man7.org/linux/man-pages/man5/core.5.html

How to: Enable/Generate/Debug Core Dump In Linux? » IT Sprite
http://www.itsprite.com/how-to-enablegeneratedebug-core-dump-in-linux/

linux - Who generate a core dump file? Kernel or glibc? - Stack Overflow
http://stackoverflow.com/questions/20969239/who-generate-a-core-dump-file-kernel-or-glibc

Linux: Understanding how much is malloc'ed in a coredump (Kevin Grigorenko's IBM WebSphere SWAT Blog)
https://www.ibm.com/developerworks/community/blogs/kevgrig/entry/linux_understanding_how_much_is_malloc_ed_in_a_coredump?lang=en


kernel/git/torvalds/linux.git - Linux kernel source tree
coredump: make core dump functionality optional
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=046d662f481830e652ac34cd112249adde16452a

How to handle SIGSEGV, but also generate a core dump - Alex on Linux
http://www.alexonlinux.com/how-to-handle-sigsegv-but-also-generate-core-dump

2014年8月6日 星期三

Linux Crash Dump






echo 1 > /proc/sys/kernel/sysrq  #enable SysRq
echo c > /proc/sysrq-trigger #trigger Crash

Magic SysRq key - Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Magic_SysRq_key



linux - core dump not generated - Stack Overflow
http://stackoverflow.com/questions/6809227/core-dump-not-generated

google-coredumper - A neat tool for creating GDB readable coredumps from multithreaded applications - Google Project Hosting
http://code.google.com/p/google-coredumper/


eCrash: Debugging without Core Dumps | Linux Journal
http://www.linuxjournal.com/article/8724?page=0,0

Embedded Crash Handler | Free software downloads at SourceForge.net
http://sourceforge.net/projects/ecrash/


Documentation for Kdump - The kexec-based Crash Dumping Solution
https://www.kernel.org/doc/Documentation/kdump/kdump.txt


[Ubuntu] Kernel Crash Dump
https://help.ubuntu.com/12.04/serverguide/kernel-crash-dump.html

[Fedora] How to use kdump to debug kernel crashes - FedoraProject
http://fedoraproject.org/wiki/How_to_use_kdump_to_debug_kernel_crashes

[Red Hat] A quick overview of Linux kernel crash dump analysis
http://magazine.redhat.com/2007/08/15/a-quick-overview-of-linux-kernel-crash-dump-analysis/

[Red Hat] Crash
http://people.redhat.com/~anderson/
https://github.com/crash-utility/crash

Linux Kernel Crash Book
https://www.dropbox.com/s/ktbz9fy7qbwsyfa/www.dedoimedo.com-crash-book.pdf

2014年8月4日 星期一

sshd always wants to change password

It's solved for me by setting it to non-zero:

sshd:"PASSWORD":1:0:99999:7:::
Or run the following every time after useradd or passwd:
sed -e 's/^\([^:]*:[^:]*:\)0:/\11:/' /etc/shadow -i
Is it because busybox passwd always update the "last changed" field to 0?

No, it's because the System time is not set correctly.

libbb/update_passwd.c
/* "name:" + "new_passwd" + ":" + "change date" + ":rest of line" */
fprintf(new_fp, "%s%s:%u%s\n", name_colon, new_passwd,
        (unsigned)(time(NULL)) / (24*60*60), cp);
So if system time is not set correctly, "last changed" field will always be 0 at the first day, and SSH will always asking for changing passwd.

Use date to update the system should fix this issue:
date -s 201401010000.00
This is not even busybox related. It might happened on any PC, just PC has battery and RTC and rarely lost the time.



lib.uclibc.buildroot - Re: sshd always wants to change password - msg#00125 - Recent Discussion OSDir.com
http://osdir.com/ml/lib.uclibc.buildroot/2007-05/msg00125.html

> >Here is the entry from my shadow file:
> >sshd:"PASSWORD":0:0:99999:7:::
>
> set the last changed field to non-null


Linux Password & Shadow File Formats
http://www.tldp.org/LDP/lame/LAME/linux-admin-made-easy/shadow-file-formats.html
smithj:Ep6mckrOLChF.:10063:0:99999:7:::
As with the passwd file, each field in the shadow file is also separated with ":" colon characters, and are as follows:
  • Username, up to 8 characters. Case-sensitive, usually all lowercase. A direct match to the username in the /etc/passwd file.
  • Password, 13 character encrypted. A blank entry (eg. ::) indicates a password is not required to log in (usually a bad idea), and a ``*'' entry (eg. :*:) indicates the account has been disabled.
  • The number of days (since January 1, 1970) since the password was last changed.
  • The number of days before password may be changed (0 indicates it may be changed at any time)
  • The number of days after which password must be changed (99999 indicates user can keep his or her password unchanged for many, many years)
  • The number of days to warn user of an expiring password (7 for a full week)
  • The number of days after password expires that account is disabled
  • The number of days since January 1, 1970 that an account has been disabled
  • A reserved field for possible future use