[quagga] enable core dump for bgpd and zebra (#927)

* [core dump] pass unix time to coredump-compress script Currently we only have program name (e.g. bgpd) and PID in the core file name. PID could collide especially after docker restart or recreate. Passing the unix time to coredump-compress so it could also add time to the core file name. * [utilities] include the change to coredump_compress script * [quagga] enable core dump for bgpd and zebra bgpd and zebra downgrade their privilege shortly after started. For that sysctrl kernel.suid_dumpable needs to be set to 2, so that they can dump core. Note that fs.suid_dumpable SHOULD NOT be set to 1. Which will bypass all system security.
2017-08-30 09:41:47 -07:00 · 2017-08-30 09:41:47 -07:00 · 1a4f039f55
commit 1a4f039f55
parent 9c87eff5fa
2 changed files with 3 additions and 2 deletions
--- a/build_debian.sh
+++ b/build_debian.sh
@ -239,10 +239,11 @@ EOF
 ## Config sysctl
 sudo mkdir -p $FILESYSTEM_ROOT/var/core
 sudo augtool --autosave "
-set /files/etc/sysctl.conf/kernel.core_pattern '|/usr/bin/coredump-compress %e %p'
+set /files/etc/sysctl.conf/kernel.core_pattern '|/usr/bin/coredump-compress %e %t %p'

 set /files/etc/sysctl.conf/kernel.softlockup_panic 1
 set /files/etc/sysctl.conf/kernel.panic 10
+set /files/etc/sysctl.conf/fs.suid_dumpable 2

 set /files/etc/sysctl.conf/net.ipv4.conf.default.forwarding 1
 set /files/etc/sysctl.conf/net.ipv4.conf.all.forwarding 1
--- a/src/sonic-utilities
+++ b/src/sonic-utilities
@ -1 +1 @@
-Subproject commit d1ded16b06b493e2420d1013aee97afbdc8160d9
+Subproject commit b82ea42a35468cbb653cf59296d1cca716d400a4