The coreadm command is used to specify the name and location of core files produced by abnormally-terminating processes. See core(4).

The first form shown in the synopsis can be executed only by the super-user and is used to configure system-wide core file options, including a global core file name pattern and a per-process core file name pattern for the init(1m) process. All such settings are saved in coreadm's configuration file /etc/coreadm.conf for setting on reboot. See init(1M)

The second form can be executed by non-privileged users and is used to specify the file name pattern to be used by the operating system when generating a per-process core file.

The third form can be executed only by the super-user and is used to update all system-wide core file options based on the contents of /etc/coreadm.conf. Normally this option is used only on reboot by the startup script /etc/init.d/coreadm.

A core file name pattern is a normal file system path name with embedded variables, specified with a leading % character, that are expanded from values in effect when a core file is generated by the operating system. The possible variables are:

%p

process-ID

%u

effective user-ID

%g

effective group-ID

%f

executable file name, up to a maximum of MAXCOMLEN characters

%n

system node name (uname -n)

%m

machine name (uname -m)

%t

decimal value of time(2)

%%

literal %

For example, the core file name pattern:

/var/core/core.%f.%p

would result, for command foo with process-ID 1234, in the core file name: /var/core/core.foo.1234

The coreadm command with no arguments reports the current system configuration, for example:

$ coreadm global core file pattern: /var/core/core.%f.%p init core file pattern: core global core dumps: enabled per-process core dumps: enabled global setid core dumps: enabled per-process setid core dumps: disabled global core dump logging: disabled

The coreadm command with only a list of process-IDs reports each process's per-process core file name pattern, for example:

$ coreadm 278 5678 278: core.%f.%p 5678: /home/george/cores/%f.%p.%t

Only the owner of a process or the super-user can interrogate a process in this manner.

When a process is dumping core, the operating system will generate two possible core files, the global core file and the per-process core file. Both files, one or the other, or no file will be generated, based on the system options in effect at the time.

When generated, a global core file will be created mode 600 and will be owned by the super-user. Non-privileged users cannot examine such files.

Ordinary per-process core files are created mode 600 under the credentials of the process. The owner of the process can examine such files.

A process that is or ever has been setuid or setgid since its last exec(2), including a process that began life with super-user privileges and gave up that privilege by way of setuid(2), presents security issues with respect to dumping core, as it may contain sensitive information in its address space to which the current non-privileged owner of the process should not have access. If setid core files are enabled, they will be created mode 600 and will be owned by the super-user.

The following options are supported:

-d option...

Disable the specified core file option. See the -e option for descriptions of possible options.

Multiple -e and -d options can be specified on the command line. Only super-users can use this option.

-e option...

Enable the specified core file option. Specify option as one of the following:

global

Allow core dumps using global core pattern

process

Allow core dumps using per-process core pattern

global-setid

Allow set-id core dumps using global core pattern

proc-setid

Allow set-id core dumps using per-process core pattern

log

Generate a syslog(3C) message when generation of a global core file is attempted.

Multiple -e and -d options can be specified on the command line. Only super-users can use this option.

-g pattern

Set the global core file name pattern to pattern. The pattern must start with a / and can contain any of the special % variables described in the DESCRIPTION.

Only super-users can use this option.

-i pattern

Set the per-process core file name pattern for init(1m) to pattern. This is the same as coreadm -p pattern 1 except that the setting will be persistent across reboot.

Only super-users can use this option.

-p pattern

Set the per-process core file name pattern to pattern for each of the specified process-IDs. The pattern can contain any of the special % variables described in the DESCRIPTION and need not begin with /. If it does not begin with /, it will be evaluated relative to the current directory in effect when the process generates a core file.

A non-privileged user can apply the -p option only to processes owned by that user. The super-user can apply it to any process. The per-process core file name pattern will be inherited by future child processes of the affected processes. See fork(2).

-u

Update system-wide core file options from the contents of the configuration file /etc/coreadm.conf. If the configuration file is missing or contains invalid values, default values are substituted. Following the update, the configuration file is resynchronized with the system core file configuration. Only super-users can use this option.

The following operands are supported:

pid

process-ID

The following exit values are returned:

0

Successful completion.

1

A fatal error occurred while either obtaining or modifying the system core file configuration.

2

Invalid command line options were specified.

/etc/init.d/coreadm

/etc/coreadm.conf

See attributes(5) for descriptions of the following attributes:

gcore(1), init(1M), exec(2), fork(2), setuid(2), time(2), syslog(3C), core(4), attributes(5)