Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jewel: ceph daemons DUMPABLE flag is cleared by setuid preventing coredumps #11736

Merged
1 commit merged into from Nov 14, 2016
Merged

jewel: ceph daemons DUMPABLE flag is cleared by setuid preventing coredumps #11736

1 commit merged into from Nov 14, 2016

Conversation

Abhishekvrshny
Copy link

@batrick
core: set dumpable flag after setuid
3667c56 
When ceph-* drops drops privileges via setuid, core dumps are no longer
generated because its DUMPABLE flag is cleared. We have to manually
turn that back on.

From prctl(2):

      Normally, this flag is set to 1.  However, it is reset to the current value contained in the file /proc/sys/fs/suid_dumpable (which by default has the value 0), in the fol‐
      lowing circumstances:

      *  The process's effective user or group ID is changed.

      *  The process's filesystem user or group ID is changed (see credentials(7)).

      *  The process executes (execve(2)) a set-user-ID or set-group-ID program, or a program that has capabilities (see capabilities(7)).

Fixes: http://tracker.ceph.com/issues/17650

Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
(cherry picked from commit ff0e521)
@Abhishekvrshny Abhishekvrshny added this to the jewel milestone Nov 2, 2016
@Abhishekvrshny Abhishekvrshny self-assigned this Nov 2, 2016
@ghost ghost changed the base branch from jewel to 0.94.2 November 9, 2016 09:56
@ghost ghost changed the base branch from 0.94.2 to jewel-next November 9, 2016 09:56
@ghost
Copy link

ghost commented Nov 9, 2016
edited by ghost

jenkins test this please (throttle unit test failed)

@ghost
Copy link

ghost commented Nov 9, 2016

jenkins test this please (general jenkins failure)

@ghost
Copy link

ghost commented Nov 9, 2016

jenkins test this please (unittest_throttle hangs)

ghost pushed a commit that referenced this pull request Nov 9, 2016
Merge pull request #11736: jewel: ceph daemons DUMPABLE flag is clear…
e9dac9d 
…ed by setuid preventing coredumps

Reviewed-by: Loic Dachary <ldachary@redhat.com>
@ghost
Copy link

ghost commented Nov 14, 2016

It passed the rados (http://tracker.ceph.com/issues/17851#note-4) suite. It also passed the upgrade/jewel-x and upgrade/hammer-x (http://tracker.ceph.com/issues/17851#note-7) suites, except for one job which should be fixed by ceph/ceph-qa-suite#1256 and does not seem related to this pull request. Note that it won't be included in 10.2.4, reason why it targets jewel-next.

@ghost ghost merged commit c91e90e into ceph:jewel-next Nov 14, 2016
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Abhishekvrshny Abhishekvrshny

Labels
bug-fix core
Projects
None yet
Milestone
jewel
2 participants
@Abhishekvrshny @batrick