README.md (1162B)
- # basic-core-handler
- To install dump it into a root-controlled directory where executables can be launched,
- say `/usr/local/bin/` and set it as the coredump handler via the `kernel.core_pattern` setting in `/etc/sysctl.conf` like so:
- ```
- kernel.core_pattern = |/usr/local/bin/core-handler %P %u %g %s %t %c %e %E
- ```
- It will then create the following files in `/var/crash`, prefixed by the crash timestamp, pid, uid, command:
- * `*.core`: Coredump, as given by kernel on stdin
- * `*.info`: Textual dump of information given by kernel as arguments
- * `*.backtrace.txt`: lldb(1) generated coredump information, mainly the backtrace but also some other related information
- ## Dependencies
- * POSIX Shell & Utilities
- * applyuidgid(1) provider, such as daemontools, daemontools-encore or s6
- * lldb(1) from LLVM
- ## Security
- * `/var/crash` is verified to be root-controlled before creating any files in it
- * No information about the process is extracted from `/proc` or equivalent (hardening against attacker killing the crashed process)
- ---
- ```
- Copyright © 2024 Haelwenn (lanodan) Monnier <contact+core-handler@hacktivis.me>
- SPDX-License-Identifier: MIT
- ```