COREADM(8) Maintenance Commands and Procedures COREADM(8)
NAME
coreadm - core file administration
SYNOPSIS
coreadm [
-g pattern] [
-G content] [
-i pattern] [
-I content]
[
-d option]... [
-e option]...
coreadm [
-p pattern] [
-P content] [
pid]...
DESCRIPTION
coreadm specifies the name and location of core files produced by
abnormally-terminating processes. See
core(5).
Only users and roles that belong to the "Maintenance and Repair" RBAC
profile can execute the first form of the
SYNOPSIS. This form
configures system-wide core file options, including a global core
file name pattern and a core file name pattern for the
init(8) process. All settings are saved persistently and will be applied at
boot.
Non-privileged users can execute the second form of the
SYNOPSIS.
This form specifies the file name pattern and core file content that
the operating system uses to generate a per-process core file.
A core file name pattern is a normal file system path name with
embedded variables, specified with a leading
% character. The
variables are expanded from values that are effective when a core
file is generated by the operating system. The possible embedded
variables are as follows:
%d Executable file directory name, up to a maximum of
MAXPATHLEN characters
%f Executable file name, up to a maximum of
MAXCOMLEN characters
%g Effective group-
ID %m Machine name (
uname -m)
%n System node name (
uname -n)
%p Process-
ID %t Decimal value of
time(2) %u Effective user-
ID %z Name of the zone in which process executed (
zonename)
%Z The path to the root of the zone in which process executed
%% Literal
% For example, the core file name pattern
/var/cores/core.%f.%p would
result, for command
foo with process-
ID 1234, in the core file name
/var/cores/core.foo.1234.
A core file content description is specified using a series of tokens
to identify parts of a process's binary image:
anon Anonymous private mappings, including thread stacks that are not
main thread stacks
ctf CTF type information sections for loaded object files
data Writable private file mappings
debug Debug sections, commonly DWARF. All sections that begin with
'.debug_'. Note, this does capture non-DWARF related sections
that begin with the string pattern; however, at this time other
debug formats such as STABS are not included. Other debug formats
would be included here in the future.
dism DISM mappings
heap Process heap
ism ISM mappings
rodata Read-only private file mappings
shanon Anonymous shared mappings
shfile Shared mappings that are backed by files
shm System V shared memory
stack Process stack
symtab Symbol table sections for loaded object files
text Readable and executable private file mappings
In addition, you can use the token
all to indicate that core files
should include all of these parts of the process's binary image. You
can use the token
none to indicate that no mappings are to be
included. The
default token indicates inclusion of the system default
content
(
stack+heap+shm+ism+dism+text+data+rodata+anon+shanon+ctf+symtab).
The
/proc file system data structures are always present in core
files regardless of the mapping content.
You can use
+ and
- to concatenate tokens. For example, the core file
content
default-ism would produce a core file with the default set of
mappings without any intimate shared memory mappings.
The
coreadm command with no arguments reports the current system
configuration, for example:
$ coreadm
global core file pattern: /var/cores/core.%f.%p
global core file content: all
init core file pattern: core
init core file content: default
global core dumps: enabled
per-process core dumps: enabled
global setid core dumps: enabled
per-process setid core dumps: disabled
global core dump logging: disabled
The
coreadm command with only a list of process-
IDs reports each
process's per-process core file name pattern, for example:
$ coreadm 278 5678
278: core.%f.%p default
5678: /home/george/cores/%f.%p.%t all-ism
Only the owner of a process or a user with the
proc_owner privilege
can interrogate a process in this manner.
When a process is dumping core, up to three core files can be
produced: one in the per-process location, one in the system-wide
global location, and, if the process was running in a local (non-
global) zone, one in the global location for the zone in which that
process was running. Each core file is generated according to the
effective options for the corresponding location.
When generated, a global core file is created in mode
600 and owned
by the superuser. Nonprivileged users cannot examine such files.
Ordinary per-process core files are created in mode
600 under the
credentials of the process. The owner of the process can examine such
files.
A process that is or ever has been
setuid or
setgid since its last
exec(2) presents security issues that relate to dumping core.
Similarly, a process that initially had superuser privileges and lost
those privileges through
setuid(2) also presents security issues that
are related to dumping core. A process of either type can contain
sensitive information in its address space to which the current
nonprivileged owner of the process should not have access. If
setid core files are enabled, they are created mode
600 and owned by the
superuser.
OPTIONS
The following options are supported:
-d option...
Disable the specified core file option. See the
-e option for
descriptions of possible options.
Multiple
-e and
-d options can be specified on the command line.
Only users and roles belonging to the "Maintenance and Repair"
RBAC profile can use this option.
-e option...
Enable the specified core file option. Specify
option as one of
the following:
global Allow core dumps that use global core pattern.
global-setid Allow set-id core dumps that use global core pattern.
log Generate a
syslog(3C) message when generation of a global
core file is attempted.
process Allow core dumps that use per-process core pattern.
proc-setid Allow set-id core dumps that use per-process core pattern.
Multiple
-e and
-d options can be specified on the command
line. Only users and roles belonging to the "Maintenance and
Repair" RBAC profile can use this option.
-g pattern Set the global core file name pattern to
pattern. The pattern
must start with a
/ and can contain any of the special
% variables that are described in the
DESCRIPTION.
Only users and roles belonging to the "Maintenance and Repair"
RBAC profile can use this option.
-G content Set the global core file content to content. You must specify
content by using the tokens that are described in the
DESCRIPTION.
Only users and roles belonging to the "Maintenance and Repair"
RBAC profile can use this option.
-i pattern Set the default per-process core file name to
pattern. This
changes the per-process pattern for any process whose per-process
pattern is still set to the default. Processes that have had
their per-process pattern set or are descended from a process
that had its per-process pattern set (using the
-p option) are
unaffected. This default persists across reboot.
Only users and roles belonging to the "Maintenance and Repair"
RBAC profile can use this option.
-I content Set the default per-process core file content to
content. This
changes the per-process content for any process whose per-process
content is still set to the default. Processes that have had
their per-process content set or are descended from a process
that had its per-process content set (using the
-P option) are
unaffected. This default persists across reboot.
Only users and roles belonging to the "Maintenance and Repair"
RBAC profile can use this option.
-p pattern Set the per-process core file name pattern to
pattern for each of
the specified process-
IDs. The pattern can contain any of the
special
% variables described in the
DESCRIPTION and need not
begin with
/. If the pattern does not begin with
/, it is
evaluated relative to the directory that is current when the
process generates a core file.
A nonprivileged user can apply the
-p option only to processes
that are owned by that user. A user with the
proc_owner privilege
can apply the option to any process. The per-process core file
name pattern is inherited by future child processes of the
affected processes. See
fork(2).
If no process-
IDs are specified, the
-p option sets the per-
process core file name pattern to
pattern on the parent process
(usually the shell that ran
coreadm).
-P content Set the per-process core file content to
content for each of the
specified process-IDs. The content must be specified by using the
tokens that are described in the
DESCRIPTION.
A nonprivileged user can apply the
-p option only to processes
that are owned by that user. A user with the
proc_owner privilege
can apply the option to any process. The per-process core file
name pattern is inherited by future child processes of the
affected processes. See
fork(2).
If no process-
IDs are specified, the
-P option sets the per-
process file content to
content on the parent process (usually
the shell that ran
coreadm).
OPERANDS
The following operands are supported:
pid process-
IDEXAMPLES
Example 1: Setting the Core File Name Pattern
When executed from a user's
$HOME/.profile or
$HOME/.login, the
following command sets the core file name pattern for all processes
that are run during the login session:
example$ coreadm -p core.%f.%p
Note that since the process-
ID is omitted, the per-process core file
name pattern will be set in the shell that is currently running and
is inherited by all child processes.
Example 2: Dumping a User's Files Into a Subdirectory
The following command dumps all of a user's core dumps into the
corefiles subdirectory of the home directory, discriminated by the
system node name. This command is useful for users who use many
different machines but have a shared home directory.
example$ coreadm -p $HOME/corefiles/%n.%f.%p 1234
Example 3: Culling the Global Core File Repository
The following commands set up the system to produce core files in the
global repository only if the executables were run from
/usr/bin or
/usr/sbin.
example# mkdir -p /var/cores/usr/bin
example# mkdir -p /var/cores/usr/sbin
example# coreadm -G all -g /var/cores/%d/%f.%p.%n
FILES
/var/cores Directory provided for global core file storage.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 A fatal error occurred while either obtaining or modifying the
system core file configuration.
2 Invalid command-line options were specified.
SEE ALSO
gcore(1),
pfexec(1),
svcs(1),
exec(2),
fork(2),
setuid(2),
time(2),
syslog(3C),
core(5),
prof_attr(5),
user_attr(5),
attributes(7),
smf(7),
init(8),
svcadm(8)NOTES
In a local (non-global) zone, the global settings apply to processes
running in that zone. In addition, the global zone's apply to
processes run in any zone.
The term
global settings refers to settings which are applied to the
system or zone as a whole, and does not necessarily imply that the
settings are to take effect in the global zone.
The
coreadm service is managed by the service management facility,
smf(7), under the service identifier:
svc:/system/coreadm:default
Administrative actions on this service, such as enabling, disabling,
or requesting restart, can be performed using
svcadm(8). The
service's status can be queried using the
svcs(1) command.
The
-g,
-G,
-i,
-I,
-e, and
-d options can be also used by a user,
role, or profile that has been granted both the
solaris.smf.manage.coreadm and
solaris.smf.value.coreadm authorizations.
August 3, 2021 COREADM(8)
