Enable core dump in lxd container


(Pete Dosch) #1

I’m having trouble understanding why running processes in my container can’t dump core files.
I’ve set limits.kernel.core to be “unlimited” for the container, but ulimit -a still shows a value of 0 from within the container, and processes that say they core dump don’t create a core file.

All of this works on the host system, and I changed the /proc/sys/kernel/core_pattern file to point directly to a file, but that did not make a difference.

Am I missing something in the configuration?

# lxc config show lvm-ualpha01
architecture: x86_64
config:
  limits.kernel.core: unlimited

lvm-ualpha01# ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited

#2

Hi!

If you do

$ ulimit -c unlimited

then a spawned process can produce a coredump file. I tested this just now.

The issue that you describe is how to configure the container from LXD to allow for coredumps?
I suppose that the container image is likely to reset the configuration and set coredumpsize to 0.


(Pete Dosch) #3

I had thought that should work too, but when I tried it, I get a permission denied error:
# ulimit -c unlimited
bash: ulimit: core file size: cannot modify limit: Operation not permitted


#4

Here is a full example. Note that I changed the default core pattern on the host to save to a file in the current directory. The default in Ubuntu is pipe to apport.

$ lxc launch ubuntu:18.04 coredump
Creating coredump
Starting coredump
user@computer:~$ lxc ubuntu coredump
ubuntu@coredump:~$ sudo apt update
ubuntu@coredump:~$ sudo apt install build-essential
ubuntu@coredump:~$ cat > mytest.c
int main() { int* p = 0; *p = 0; return 0; }
ubuntu@coredump:~$ gcc mytest.c -o mytest
ubuntu@coredump:~$ ./mytest 
Segmentation fault
ubuntu@coredump:~$ ls
mytest  mytest.c
ubuntu@coredump:~$ ulimit -c
0
ubuntu@coredump:~$ ulimit -c unlimited
ubuntu@coredump:~$ ulimit -c
unlimited
ubuntu@coredump:~$ ./mytest 
Segmentation fault (core dumped)
ubuntu@coredump:~$ ls
core.mytest.4577  mytest  mytest.c
ubuntu@coredump:~$ 

(Pete Dosch) #5

I’m confused about this line, is it supposed to be connecting me to the container as the ubuntu user?

Per my previous post, I log into the container and the ulimit command does not work for me the way you’re saying it works for you:

ubuntu@ualpha01:~$ ulimit -c
0
ubuntu@ualpha01:~$ ulimit -c unlimited
-su: ulimit: core file size: cannot modify limit: Operation not permitted
ubuntu@ualpha01:~$

#6

Regarding lxc ubuntu mycontainer, it’s an alias. See

Set up the alias on your computer and try again. I think the issue you are facing may be related to the way you su to the non-root user.


(Pete Dosch) #7

No, the results are the same using your login method:

ubuntu@ualpha01:~$ ulimit -c
0
ubuntu@ualpha01:~$ ulimit -c unlimited
-bash: ulimit: core file size: cannot modify limit: Operation not permitted
ubuntu@ualpha01:~$