Mandrake 6.5 & User Core Dumps

I don't think there's a hard limit in the system, but the default bashrc file probably has "ulimit -c 0" in it which will prevent the creation of core files. You can override that in a session with "ulimit -c unlimited" once logged in, or change .bashrc so coredumps are enabled for every login.

[nathan@sunrise nathan]$ ulimit -a
core file size (blocks)     0
data seg size (kbytes)      unlimited
file size (blocks)          unlimited
max locked memory (kbytes)  unlimited
max memory size (kbytes)    unlimited
open files                  1024
pipe size (512 bytes)       8
stack size (kbytes)         8192
cpu time (seconds)          unlimited
max user processes          2048
virtual memory (kbytes)     unlimited
[nathan@sunrise nathan]$ ulimit -c unlimited
[nathan@sunrise nathan]$ ulimit -a
core file size (blocks)     0
data seg size (kbytes)      unlimited
file size (blocks)          unlimited
max locked memory (kbytes)  unlimited
max memory size (kbytes)    unlimited
open files                  1024
pipe size (512 bytes)       8
stack size (kbytes)         8192
cpu time (seconds)          unlimited
max user processes          2048
virtual memory (kbytes)     unlimited
[nathan@sunrise nathan]$

Already been there and tried that.

You might have a different problem. Give me a few minutes and I'll put up another way to check.

Okay, here goes. Paste the c code below into a file, compile it and run it. It'll get the core file data from the kernel (current limit and max limit) and print that out. Then it'll try to set the current limit to the kernel's max and print out the result. Id be most interested in what the program output is. Note this wo't change what the shell see, just the program's runtime.

---begin code---
#include <stdio.h>
#include <sys/resource.h>
#include <unistd.h>

extern int errno;

main()
{
  struct rlimit rlim;

  if(getrlimit(RLIMIT_CORE, &rlim))
  {
    printf("get limit failed, errno: %d\n", errno);
    exit(1);
  }
  printf("Current settings\n");
  printf("cur: %d, max: %d\n", rlim.rlim_cur, rlim.rlim_max);

  rlim.rlim_cur = rlim.rlim_max;
  if(setrlimit(RLIMIT_CORE, &rlim))
  {
    printf("set limit failed, errno: %d\n", errno);
    exit(1);
  }

  rlim.rlim_cur = rlim.rlim_max = 0;
  if(getrlimit(RLIMIT_CORE, &rlim))
  {
    printf("get limit failed, errno: %d\n", errno);
    exit(1);
  }
  printf("After trying to set unlimited core size\n");
  printf("cur: %d, max: %d\n", rlim.rlim_cur, rlim.rlim_max);
}

Reading the bash or bash2 man page you will find out that there are Hard and Soft limits.

The H and S options to ulimit specify that the hard or soft limit is  set for  the  given resource. A hard limit cannot be increased once it is  set; a soft limit may be increased up to the value of the hard limit.

Perhaps a line of the form "ulimit -cH 0" is hidden somewhere in your /etc/profile, /etc/profile.d/*, /etc/bashrc, ~/.bash_profile or ~/.bashrc .

What is the output of "ulimit -Ha"? Can you raise Hard or Soft limits as root?

The results of your code:

[nathan@sunrise nathan]$ gcc -o mytest mytest.c
[nathan@sunrise nathan]$ ./mytest
Current settings
cur: 0, max: 0
After trying to set unlimited core size
cur: 0, max: 0
[nathan@sunrise nathan]$

I had also written something similar. The code is as follows:

[nathan@sunrise nathan]$ more core.c
#include <sys/time.h>
#include <sys/resource.h>
#include <unistd.h>

int main(void)
{
  struct rlimit r;

  printf("Getting core limit.\n");
  getrlimit(RLIMIT_CORE, &r);
  printf("  rlim_cur: %d, rlim_max: %d\n", r.rlim_cur, r.rlim_max);
  printf("Setting core limit.\n");
  r.rlim_cur = r.rlim_max = RLIM_INFINITY;
  if( setrlimit(RLIMIT_CORE, &r) == -1 )
    perror("setrlimit");
  else
    printf("Core limit set successfully.\n");
  getrlimit(RLIMIT_CORE, &r);
  printf("  rlim_cur: %d, rlim_max: %d\n", r.rlim_cur, r.rlim_max);
}

[nathan@sunrise nathan]$ ./core
Getting core limit.
  rlim_cur: 0, rlim_max: 0
Setting core limit.
setrlimit: Operation not permitted
  rlim_cur: 0, rlim_max: 0
[nathan@sunrise nathan]$

I've looked before, and I don't find anything that should do it. However, this entry in /etc/profile (commented out, still have the problem) piques my curiousity:

# In bash2 we can't define a ulimit more than 0 for user :-(
[ "$UID" = "0" ] && {
ulimit -c 1000000
        } || {
ulimit -c 0
}

This is the results of a find in /etc:

/etc/csh.cshrc:limit coredumpsize 1000000
/etc/profile:# In bash2 we can't define a ulimit more than 0 for user :-(
/etc/profile:#ulimit -c 1000000
/etc/profile:#ulimit -c 0
/etc/X11/fs/config:client-limit = 4
/etc/X11/fs/config:# when a font server reaches its limit, start up a new one
/etc/termcap:# string-table limit of archaic termcap libraries except where explicitly
/etc/termcap:# Caution: vi is limited to 256 string bytes, longer crashes or weirds out vi.
/etc/termcap:#  The second entry below provides limited (a la adm3a)
/etc/termcap:# 1024-byte limit.)
/etc/termcap:# Memory-segmentation limits and a strong tendency to look like V7 long after
/etc/termcap:# evolutions including (limited) color versions such as the PS330C. PS300s
/etc/termcap:# CMD  Coding Method Delimiter * \E
/etc/termcap:# Delim  a Delimiter
/etc/termcap:#  * Commented out hds200 is2 to avoid overflowing terminfo length limit.
/etc/rc.d/init.d/functions:     ulimit -c 0
/etc/httpd/conf/httpd.conf:# Aliases: Add here as many aliases as you need (with no limit). The format is
/etc/httpd/conf/httpd.conf:# during a persistent connection. Set to 0 to allow an unlimited amount.
/etc/httpd/conf/httpd.conf:# Limit on total number of servers running, i.e., limit on the number
/etc/httpd/conf/httpd.conf:# of clients who can simultaneously connect --- if this limit is ever
/etc/httpd/conf/midgard-php/php3.ini:memory_limit = 8388608             ; Maximum amount of memory a script may consume (8MB)
/etc/httpd/conf/midgard-php/php3.ini:upload_max_filesize = 2097152       ; 2 Meg default limit on file uploads
/etc/httpd/conf/midgard-php/php3.ini:uodbc.max_persistent       =       -1     ; maximum number of persistent links. -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:uodbc.max_links                    =      -1       ; maximum number of links (persistent+non persistent). -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:mysql.max_persistent       =       -1     ; maximum number of persistent links. -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:mysql.max_links                    =      -1       ; maximum number of links (persistent+non persistent).  -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:msql.max_persistent                =      -1       ; maximum number of persistent links. -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:msql.max_links                     =      -1       ; maximum number of links (persistent+non persistent).  -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:pgsql.max_persistent       =       -1     ; maximum number of persistent links. -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:pgsql.max_links                    =      -1       ; maximum number of links (persistent+non persistent).  -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:sybase.max_persistent      =       -1     ; maximum number of persistent links. -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:sybase.max_links           =       -1     ; maximum number of links (persistent+non persistent).  -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:sybct.max_persistent       =       -1     ; maximum number of persistent links. -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:sybct.max_links                    =      -1               ; maximum number of links (persistent+non persistent).  -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:ifx.max_persistent         =       -1     ; maximum number of persistent links. -1 means no limit
/etc/httpd/conf/midgard-php/php3.ini:ifx.max_links                      =      -1       ; maximum number of links (persistent+non persistent).  -1 means no limit
/etc/ftpaccess:limit   all   10   Any              /etc/msgs/msg.dead
/etc/pam.d/other:session  required       /lib/security/pam_limits.so
/etc/security/limits.conf:# /etc/security/limits.conf
/etc/security/limits.conf:#Each line describes a limit for a user in the form:
/etc/security/limits.conf:#        - "soft" for enforcing the soft limits
/etc/security/limits.conf:#        - "hard" for enforcing hard limits
/etc/security/limits.conf:#        - core - limits the core file size (KB)
/etc/security/limits.conf:#        - as - address space limit
Binary file /etc/smrsh/list matches
/etc/lynx.cfg:# we need to limit the charset in outgoing mail to reduce
/etc/lynx.cfg:# The news reading facility in Lynx is quite limited.  Lynx does not provide a
/etc/lynx.cfg:# The posting facility in Lynx is quite limited.  Lynx does not provide a
/etc/vga/libvga.config:# mouse_accel_maxdelta   600     # This is an upper limit for delta after
/etc/vga/libvga.config:# mouse_maxdelta 30      # This is an upper limit for the delta
/etc/vga/libvga.config:                         # can limit the biggest valid delta that
/etc/vga/libvga.config:                         # reasonable limit, (Like a negative mult :)
/etc/vga/libvga.config:# generated with the svgakeymap utility, but there are limitations to the
/etc/wgetrc:# default quota is unlimited.
/etc/ssh2/sshd2_config:# 0 == number of connections not limited

I have also tried modifying /etc/security/limits.conf to have the following entries:

*               soft    core            200000
*               hard    core            200000

but that didn't help either, even after I added:

session  required       /lib/security/pam_limits.so

to /etc/pam.d/login and /etc/pam.d/other.

Any other suggestions?

--SR

Adjusted points to 200

Ok, got some new information. The 200000 does work over telnet but not when I log in over ssh.

If I set the limits to be unlimited in /etc/security/limits.conf, it doesn't work (which is what I had previously tested it as).

Any futher recommendations, including how to get SSH to recognize the PAM limitations?

Uhmm, yes, add the same session lines to /etc/pam.d/ssh.

Oh you didn't tell me it was failing when logged in via ssh? What happens if you undo the change to limits.conf (which is supposed to default to max for everything) and undo the changes to pam.d when in a telnet session?

Didn't work. Do I need a special version of SSH to support PAM or something?

If I remove the entries in /etc/security/limits.conf and remove the line in /etc/pam.d/login, it defaults back to 0 when I log in over telnet.

I just rubbed some sleepyness from my eyes and saw that my sshd1 is linked against libpam but my sshd2 is not. So adding the session line won't help.

I guess this answers your question about the special version in the affirmative sense.

ok...

First person to point me to both:

a.) where i can obtain a PAM'd version of ssh1

and

b.) some more documentation on /etc/security/limits.conf

gets the points, since you guys have been helping but a lot of the legwork was on my end. Fair enough?

Did I understand the last correctly. With the changes backed out and logged in over telnet, you can't set unlimited core size? This, with respect to the kernel and libc is a stock system, right?

I don't have a system around with ssh enabled, so I can't look to see. If connect via ssh, who are the process owners of each parent of your shell back to intit?

I ended up finding a patch for it as the 2.25 is an older version that I believe is susceptible to certain exploits. The PAM documentation included in the PAM RPM lacks quite a bit, but if good documentation isnt available, you can't point me to it, can you? *grin* Thanks for the help.

Here at my work I use ssh-1.2.27-5i.i386.rpm, also from the same packager, Jan "Yenya" Kasprzak <kas@fi.muni.cz>. It has the pam support. I can no longer find it at http://rufus.w3.org/linux/RPM, but I found both the us and international version at http://rpmfind.doc.ic.ac.uk/

Don't you have a section in pam.txt, around 6.11 or 6.12 that describes limits.conf (150+ lines)?