_public_ int sd_pid_get_unit(pid_t pid, char **unit) {
assert_return(pid >= 0, -EINVAL);
assert_return(unit, -EINVAL);
return cg_pid_get_unit(pid, unit);
}
_public_ int sd_pid_get_unit(pid_t pid, char **unit) {
int r;
assert_return(pid >= 0, -EINVAL);
assert_return(unit, -EINVAL);
r = cg_pid_get_unit(pid, unit);
return IN_SET(r, -ENXIO, -ENOMEDIUM) ? -ENODATA : r;
}
_public_ int sd_peer_get_unit(int fd, char **unit) {
struct ucred ucred;
int r;
assert_return(fd >= 0, -EINVAL);
assert_return(unit, -EINVAL);
r = getpeercred(fd, &ucred);
if (r < 0)
return r;
return cg_pid_get_unit(ucred.pid, unit);
}
static void test_proc(void) {
_cleanup_closedir_ DIR *d = NULL;
struct dirent *de;
int r;
d = opendir("/proc");
assert_se(d);
FOREACH_DIRENT(de, d, break) {
_cleanup_free_ char *path = NULL, *path_shifted = NULL, *session = NULL, *unit = NULL, *user_unit = NULL, *machine = NULL, *slice = NULL;
pid_t pid;
uid_t uid = UID_INVALID;
if (de->d_type != DT_DIR &&
de->d_type != DT_UNKNOWN)
continue;
r = parse_pid(de->d_name, &pid);
if (r < 0)
continue;
if (is_kernel_thread(pid))
continue;
cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &path);
cg_pid_get_path_shifted(pid, NULL, &path_shifted);
cg_pid_get_owner_uid(pid, &uid);
cg_pid_get_session(pid, &session);
cg_pid_get_unit(pid, &unit);
cg_pid_get_user_unit(pid, &user_unit);
cg_pid_get_machine_name(pid, &machine);
cg_pid_get_slice(pid, &slice);
printf(PID_FMT"\t%s\t%s\t"UID_FMT"\t%s\t%s\t%s\t%s\t%s\n",
pid,
path,
path_shifted,
uid,
session,
unit,
user_unit,
machine,
slice);
}
}
int main(int argc, char* argv[]) {
int r, j = 0;
_cleanup_free_ char *p = NULL;
ssize_t n;
pid_t pid;
uid_t uid;
gid_t gid;
struct iovec iovec[14];
_cleanup_free_ char *core_pid = NULL, *core_uid = NULL, *core_gid = NULL, *core_signal = NULL,
*core_timestamp = NULL, *core_comm = NULL, *core_exe = NULL, *core_unit = NULL,
*core_session = NULL, *core_message = NULL, *core_cmdline = NULL, *t = NULL;
prctl(PR_SET_DUMPABLE, 0);
if (argc != _ARG_MAX) {
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_open();
log_error("Invalid number of arguments passed from kernel.");
r = -EINVAL;
goto finish;
}
r = parse_pid(argv[ARG_PID], &pid);
if (r < 0) {
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_open();
log_error("Failed to parse PID.");
goto finish;
}
if (cg_pid_get_unit(pid, &t) >= 0) {
if (streq(t, SPECIAL_JOURNALD_SERVICE)) {
/* Make sure we don't make use of the journal,
* if it's the journal which is crashing */
log_set_target(LOG_TARGET_KMSG);
log_open();
r = divert_coredump();
goto finish;
}
core_unit = strappend("COREDUMP_UNIT=", t);
} else if (cg_pid_get_user_unit(pid, &t) >= 0)
core_unit = strappend("COREDUMP_USER_UNIT=", t);
if (core_unit)
IOVEC_SET_STRING(iovec[j++], core_unit);
/* OK, now we know it's not the journal, hence make use of
* it */
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_open();
r = parse_uid(argv[ARG_UID], &uid);
if (r < 0) {
log_error("Failed to parse UID.");
goto finish;
}
r = parse_gid(argv[ARG_GID], &gid);
if (r < 0) {
log_error("Failed to parse GID.");
goto finish;
}
core_pid = strappend("COREDUMP_PID=", argv[ARG_PID]);
if (core_pid)
IOVEC_SET_STRING(iovec[j++], core_pid);
core_uid = strappend("COREDUMP_UID=", argv[ARG_UID]);
if (core_uid)
IOVEC_SET_STRING(iovec[j++], core_uid);
core_gid = strappend("COREDUMP_GID=", argv[ARG_GID]);
if (core_gid)
IOVEC_SET_STRING(iovec[j++], core_gid);
core_signal = strappend("COREDUMP_SIGNAL=", argv[ARG_SIGNAL]);
if (core_signal)
IOVEC_SET_STRING(iovec[j++], core_signal);
core_comm = strappend("COREDUMP_COMM=", argv[ARG_COMM]);
if (core_comm)
IOVEC_SET_STRING(iovec[j++], core_comm);
#ifdef HAVE_LOGIND
if (sd_pid_get_session(pid, &t) >= 0) {
core_session = strappend("COREDUMP_SESSION=", t);
free(t);
if (core_session)
IOVEC_SET_STRING(iovec[j++], core_session);
}
#endif
if (get_process_exe(pid, &t) >= 0) {
core_exe = strappend("COREDUMP_EXE=", t);
free(t);
if (core_exe)
IOVEC_SET_STRING(iovec[j++], core_exe);
}
if (get_process_cmdline(pid, 0, false, &t) >= 0) {
core_cmdline = strappend("COREDUMP_CMDLINE=", t);
free(t);
if (core_cmdline)
IOVEC_SET_STRING(iovec[j++], core_cmdline);
}
core_timestamp = strjoin("COREDUMP_TIMESTAMP=", argv[ARG_TIMESTAMP], "000000", NULL);
if (core_timestamp)
IOVEC_SET_STRING(iovec[j++], core_timestamp);
IOVEC_SET_STRING(iovec[j++], "MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1");
IOVEC_SET_STRING(iovec[j++], "PRIORITY=2");
core_message = strjoin("MESSAGE=Process ", argv[ARG_PID], " (", argv[ARG_COMM], ") dumped core.", NULL);
if (core_message)
IOVEC_SET_STRING(iovec[j++], core_message);
/* Now, let's drop privileges to become the user who owns the
* segfaulted process and allocate the coredump memory under
* his uid. This also ensures that the credentials journald
* will see are the ones of the coredumping user, thus making
* sure the user himself gets access to the core dump. */
if (setresgid(gid, gid, gid) < 0 ||
setresuid(uid, uid, uid) < 0) {
log_error("Failed to drop privileges: %m");
r = -errno;
goto finish;
}
p = malloc(9 + COREDUMP_MAX);
if (!p) {
r = log_oom();
goto finish;
}
memcpy(p, "COREDUMP=", 9);
n = loop_read(STDIN_FILENO, p + 9, COREDUMP_MAX, false);
if (n < 0) {
log_error("Failed to read core dump data: %s", strerror(-n));
r = (int) n;
goto finish;
}
iovec[j].iov_base = p;
iovec[j].iov_len = 9 + n;
j++;
r = sd_journal_sendv(iovec, j);
if (r < 0)
log_error("Failed to send coredump: %s", strerror(-r));
finish:
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}
int main(int argc, char* argv[]) {
/* The small core field we allocate on the stack, to keep things simple */
char
*core_pid = NULL, *core_uid = NULL, *core_gid = NULL, *core_signal = NULL,
*core_session = NULL, *core_exe = NULL, *core_comm = NULL, *core_cmdline = NULL,
*core_cgroup = NULL, *core_cwd = NULL, *core_root = NULL, *core_unit = NULL,
*core_slice = NULL;
/* The larger ones we allocate on the heap */
_cleanup_free_ char
*core_timestamp = NULL, *core_message = NULL, *coredump_data = NULL, *core_owner_uid = NULL,
*core_open_fds = NULL, *core_proc_status = NULL, *core_proc_maps = NULL, *core_proc_limits = NULL,
*core_proc_cgroup = NULL, *core_environ = NULL;
_cleanup_free_ char *exe = NULL, *comm = NULL, *filename = NULL;
const char *info[_INFO_LEN];
_cleanup_close_ int coredump_fd = -1;
struct iovec iovec[26];
uint64_t coredump_size;
int r, j = 0;
uid_t uid, owner_uid;
gid_t gid;
pid_t pid;
char *t;
const char *p;
/* Make sure we never enter a loop */
prctl(PR_SET_DUMPABLE, 0);
/* First, log to a safe place, since we don't know what
* crashed and it might be journald which we'd rather not log
* to then. */
log_set_target(LOG_TARGET_KMSG);
log_open();
if (argc < INFO_COMM + 1) {
log_error("Not enough arguments passed from kernel (%d, expected %d).",
argc - 1, INFO_COMM + 1 - 1);
r = -EINVAL;
goto finish;
}
/* Ignore all parse errors */
parse_config();
log_debug("Selected storage '%s'.", coredump_storage_to_string(arg_storage));
log_debug("Selected compression %s.", yes_no(arg_compress));
r = parse_uid(argv[INFO_UID + 1], &uid);
if (r < 0) {
log_error("Failed to parse UID.");
goto finish;
}
r = parse_pid(argv[INFO_PID + 1], &pid);
if (r < 0) {
log_error("Failed to parse PID.");
goto finish;
}
r = parse_gid(argv[INFO_GID + 1], &gid);
if (r < 0) {
log_error("Failed to parse GID.");
goto finish;
}
if (get_process_comm(pid, &comm) < 0) {
log_warning("Failed to get COMM, falling back to the command line.");
comm = strv_join(argv + INFO_COMM + 1, " ");
}
if (get_process_exe(pid, &exe) < 0)
log_warning("Failed to get EXE.");
info[INFO_PID] = argv[INFO_PID + 1];
info[INFO_UID] = argv[INFO_UID + 1];
info[INFO_GID] = argv[INFO_GID + 1];
info[INFO_SIGNAL] = argv[INFO_SIGNAL + 1];
info[INFO_TIMESTAMP] = argv[INFO_TIMESTAMP + 1];
info[INFO_COMM] = comm;
info[INFO_EXE] = exe;
if (cg_pid_get_unit(pid, &t) >= 0) {
if (streq(t, SPECIAL_JOURNALD_SERVICE)) {
free(t);
/* If we are journald, we cut things short,
* don't write to the journal, but still
* create a coredump. */
if (arg_storage != COREDUMP_STORAGE_NONE)
arg_storage = COREDUMP_STORAGE_EXTERNAL;
r = save_external_coredump(info, uid, &filename, &coredump_fd, &coredump_size);
if (r < 0)
goto finish;
r = maybe_remove_external_coredump(filename, coredump_size);
if (r < 0)
goto finish;
log_info("Detected coredump of the journal daemon itself, diverted to %s.", filename);
goto finish;
}
core_unit = strjoina("COREDUMP_UNIT=", t);
free(t);
} else if (cg_pid_get_user_unit(pid, &t) >= 0) {
core_unit = strjoina("COREDUMP_USER_UNIT=", t);
free(t);
}
if (core_unit)
IOVEC_SET_STRING(iovec[j++], core_unit);
/* OK, now we know it's not the journal, hence we can make use
* of it now. */
log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
log_open();
core_pid = strjoina("COREDUMP_PID=", info[INFO_PID]);
IOVEC_SET_STRING(iovec[j++], core_pid);
core_uid = strjoina("COREDUMP_UID=", info[INFO_UID]);
IOVEC_SET_STRING(iovec[j++], core_uid);
core_gid = strjoina("COREDUMP_GID=", info[INFO_GID]);
IOVEC_SET_STRING(iovec[j++], core_gid);
core_signal = strjoina("COREDUMP_SIGNAL=", info[INFO_SIGNAL]);
IOVEC_SET_STRING(iovec[j++], core_signal);
if (sd_pid_get_session(pid, &t) >= 0) {
core_session = strjoina("COREDUMP_SESSION=", t);
free(t);
IOVEC_SET_STRING(iovec[j++], core_session);
}
if (sd_pid_get_owner_uid(pid, &owner_uid) >= 0) {
r = asprintf(&core_owner_uid,
"COREDUMP_OWNER_UID=" UID_FMT, owner_uid);
if (r > 0)
IOVEC_SET_STRING(iovec[j++], core_owner_uid);
}
if (sd_pid_get_slice(pid, &t) >= 0) {
core_slice = strjoina("COREDUMP_SLICE=", t);
free(t);
IOVEC_SET_STRING(iovec[j++], core_slice);
}
if (comm) {
core_comm = strjoina("COREDUMP_COMM=", comm);
IOVEC_SET_STRING(iovec[j++], core_comm);
}
if (exe) {
core_exe = strjoina("COREDUMP_EXE=", exe);
IOVEC_SET_STRING(iovec[j++], core_exe);
}
if (get_process_cmdline(pid, 0, false, &t) >= 0) {
core_cmdline = strjoina("COREDUMP_CMDLINE=", t);
free(t);
IOVEC_SET_STRING(iovec[j++], core_cmdline);
}
if (cg_pid_get_path_shifted(pid, NULL, &t) >= 0) {
core_cgroup = strjoina("COREDUMP_CGROUP=", t);
free(t);
IOVEC_SET_STRING(iovec[j++], core_cgroup);
}
if (compose_open_fds(pid, &t) >= 0) {
core_open_fds = strappend("COREDUMP_OPEN_FDS=", t);
free(t);
if (core_open_fds)
IOVEC_SET_STRING(iovec[j++], core_open_fds);
}
p = procfs_file_alloca(pid, "status");
if (read_full_file(p, &t, NULL) >= 0) {
core_proc_status = strappend("COREDUMP_PROC_STATUS=", t);
free(t);
if (core_proc_status)
IOVEC_SET_STRING(iovec[j++], core_proc_status);
}
p = procfs_file_alloca(pid, "maps");
if (read_full_file(p, &t, NULL) >= 0) {
core_proc_maps = strappend("COREDUMP_PROC_MAPS=", t);
free(t);
if (core_proc_maps)
IOVEC_SET_STRING(iovec[j++], core_proc_maps);
}
p = procfs_file_alloca(pid, "limits");
if (read_full_file(p, &t, NULL) >= 0) {
core_proc_limits = strappend("COREDUMP_PROC_LIMITS=", t);
free(t);
if (core_proc_limits)
IOVEC_SET_STRING(iovec[j++], core_proc_limits);
}
p = procfs_file_alloca(pid, "cgroup");
if (read_full_file(p, &t, NULL) >=0) {
core_proc_cgroup = strappend("COREDUMP_PROC_CGROUP=", t);
free(t);
if (core_proc_cgroup)
IOVEC_SET_STRING(iovec[j++], core_proc_cgroup);
}
if (get_process_cwd(pid, &t) >= 0) {
core_cwd = strjoina("COREDUMP_CWD=", t);
free(t);
IOVEC_SET_STRING(iovec[j++], core_cwd);
}
if (get_process_root(pid, &t) >= 0) {
core_root = strjoina("COREDUMP_ROOT=", t);
free(t);
IOVEC_SET_STRING(iovec[j++], core_root);
}
if (get_process_environ(pid, &t) >= 0) {
core_environ = strappend("COREDUMP_ENVIRON=", t);
free(t);
if (core_environ)
IOVEC_SET_STRING(iovec[j++], core_environ);
}
core_timestamp = strjoin("COREDUMP_TIMESTAMP=", info[INFO_TIMESTAMP], "000000", NULL);
if (core_timestamp)
IOVEC_SET_STRING(iovec[j++], core_timestamp);
IOVEC_SET_STRING(iovec[j++], "MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1");
IOVEC_SET_STRING(iovec[j++], "PRIORITY=2");
/* Vacuum before we write anything again */
coredump_vacuum(-1, arg_keep_free, arg_max_use);
/* Always stream the coredump to disk, if that's possible */
r = save_external_coredump(info, uid, &filename, &coredump_fd, &coredump_size);
if (r < 0)
/* skip whole core dumping part */
goto log;
/* If we don't want to keep the coredump on disk, remove it
* now, as later on we will lack the privileges for
* it. However, we keep the fd to it, so that we can still
* process it and log it. */
r = maybe_remove_external_coredump(filename, coredump_size);
if (r < 0)
goto finish;
if (r == 0) {
const char *coredump_filename;
coredump_filename = strjoina("COREDUMP_FILENAME=", filename);
IOVEC_SET_STRING(iovec[j++], coredump_filename);
}
/* Vacuum again, but exclude the coredump we just created */
coredump_vacuum(coredump_fd, arg_keep_free, arg_max_use);
/* Now, let's drop privileges to become the user who owns the
* segfaulted process and allocate the coredump memory under
* the user's uid. This also ensures that the credentials
* journald will see are the ones of the coredumping user,
* thus making sure the user gets access to the core
* dump. Let's also get rid of all capabilities, if we run as
* root, we won't need them anymore. */
r = drop_privileges(uid, gid, 0);
if (r < 0) {
log_error_errno(r, "Failed to drop privileges: %m");
goto finish;
}
#ifdef HAVE_ELFUTILS
/* Try to get a strack trace if we can */
if (coredump_size <= arg_process_size_max) {
_cleanup_free_ char *stacktrace = NULL;
r = coredump_make_stack_trace(coredump_fd, exe, &stacktrace);
if (r >= 0)
core_message = strjoin("MESSAGE=Process ", info[INFO_PID], " (", comm, ") of user ", info[INFO_UID], " dumped core.\n\n", stacktrace, NULL);
else if (r == -EINVAL)
log_warning("Failed to generate stack trace: %s", dwfl_errmsg(dwfl_errno()));
else
log_warning_errno(r, "Failed to generate stack trace: %m");
}
if (!core_message)
#endif
log:
core_message = strjoin("MESSAGE=Process ", info[INFO_PID], " (", comm, ") of user ", info[INFO_UID], " dumped core.", NULL);
if (core_message)
IOVEC_SET_STRING(iovec[j++], core_message);
/* Optionally store the entire coredump in the journal */
if (IN_SET(arg_storage, COREDUMP_STORAGE_JOURNAL, COREDUMP_STORAGE_BOTH) &&
coredump_size <= arg_journal_size_max) {
size_t sz = 0;
/* Store the coredump itself in the journal */
r = allocate_journal_field(coredump_fd, (size_t) coredump_size, &coredump_data, &sz);
if (r >= 0) {
iovec[j].iov_base = coredump_data;
iovec[j].iov_len = sz;
j++;
}
}
r = sd_journal_sendv(iovec, j);
if (r < 0)
log_error_errno(r, "Failed to log coredump: %m");
finish:
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}