Skip to content

coredumpd: improve backtraces by downloading debuginfo on the fly via elfutils/debuginfod #14711

Open
@fche

Description

@fche

Is your feature request related to a problem? Please describe.
When computing a traceback, systemd-coredump can produce higher quality results if debuginfo is available. Current elfutils has some automatic downloading capability, but this is made difficult to configure/use from systemd-coredump@ due to the numerous security constraints.

Describe the solution you'd like
Consider allowing a coredump@ service mode that relaxes the security constraints or data flow just enough to launch the elfutils debuginfod (https://sourceware.org/elfutils/Debuginfod.html) client code for the binaries/coredumps being processed. To trigger the attempt, it is enough to set a $DEBUGINFOD_URLS environment variable for the service; elfutils does the rest. But since this is by necessity making contact to a network service that involves downloading, so IPAddressDeny, RestrictAccessFamilies, SystemCallFilter, and probably other settings need to be relaxed. There may be a way of factoring out this to a less locked-down helper process or service while leaving the main one locked up tight. For example, the /usr/bin/eu-stack program can do similar stack backtracing as the code in your src/coredump/stacktrace.c.

If this capability is of any interest, we may be able to help prototype it under your guidance.

Metadata

Metadata

Assignees

No one assigned

    Labels

    RFE 🎁Request for Enhancement, i.e. a feature requestcoredump

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions