On Wed, 2021-04-14 at 15:29 +0000, Zbigniew Jędrzejewski-Szmek wrote: > Unfortunately this doesn't work for two important cases: > - when a binary or shared library has been replaced on disk. E.g. > it is fairly common for packages to crash on upgrade, and the crash > could be in the _old_ code. When the metadata is loaded in a section, > we get it all nice and dandy in the coredump. If it's in an xattr, > we don't or even worse, get outdated info.
That's fair - if it were possible to get an fd during dump, we could use fgetxattr. If not, we can use /proc/$pid/exe - even when deleted you can interact with it: [malmond@malmond-x1 ~]$ ls -l /proc/$$/exe lrwxrwxrwx. 1 malmond malmond 0 Apr 14 15:45 /proc/364665/exe -> '/home/malmond/testbash (deleted)' [malmond@malmond-x1 ~]$ attr -l /proc/$$/exe Attribute "selinux" has a 54 byte value for /proc/364665/exe (this is me copying bash, executing it, then deleting it). My thinking is this could go in systemd-coredump as it's invoked when dumping core anyway. Libraries are accessible from /proc/$pid/map_files/$range. > - it doesn't work for non-rpm stuff. I'm confused about this - I had put forth an idea for how to make rpm create this when installing packages (so it works with older or third party packages) but the same xattr could be created for any packaging system. Can you clarify what is rpm dependent here? Matthew. _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
