From 4284a1845667b2decb10cdab7f9404ade2b847e6 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Tue, 15 Oct 2019 11:00:00 +0200 Subject: [PATCH 01/16] Extract libcrash-service to a separate package Change-Id: Ife9bf0274c226f3a2e85e8d97db567e0da8d4d4a --- packaging/crash-worker.spec | 10 +++++++++- packaging/crash-worker_system-tests.spec | 1 + 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 41fe249..5003954 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -56,6 +56,12 @@ Requires: %{name}-livedumper = %{version}-%{release} %description crash-manager +%package libcrash-service +Summary: libcrash-service + +%description libcrash-service +libcrash-service provides API to communicate with crash-service + %package devel Requires: crash-worker Summary: Crash-manager development package @@ -180,12 +186,14 @@ mkdir -p %{buildroot}%{crash_temp} %attr(-,root,root) %{_unitdir}/crash-service.service %attr(-,root,root) %{_sysconfdir}/dbus-1/system.d/crash-service.conf %attr(-,root,root) %{_datadir}/dbus-1/system-services/org.tizen.system.crash.livedump.service -%{_libdir}/libcrash-service.so.* %endif #upgrade script %attr(-,root,root) %{upgrade_script_path}/500.crash-manager-upgrade.sh +%files libcrash-service +%{_libdir}/libcrash-service.so.* + %files devel %{_includedir}/crash-manager.h %{_libdir}/libcrash-manager.so diff --git a/packaging/crash-worker_system-tests.spec b/packaging/crash-worker_system-tests.spec index c965ee4..b4fad73 100644 --- a/packaging/crash-worker_system-tests.spec +++ b/packaging/crash-worker_system-tests.spec @@ -29,6 +29,7 @@ Requires: /bin/bash Requires: /usr/bin/unzip Requires: /usr/bin/mcookie Requires: crash-worker +Requires: crash-worker-libcrash-service Requires: %{_sbindir}/minicoredumper %description -- 2.7.4 From ff274f5689c2dd52493ecd8a6d56d7a64dc2de83 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Wed, 16 Oct 2019 14:20:47 +0200 Subject: [PATCH 02/16] Fix preparing report for applications with too long name Crash-manager gets the application name from /proc//cmdline, but this value can be modified (e.g. by modify argv[0]), and may be incorrect. Now report file name is prepared based on the executable path. Change-Id: Ia7f3b495bf501a67620888c99d49832e0fd6a23d --- src/crash-manager/crash-manager.c | 4 ++-- src/crash-manager/so-info.c | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/crash-manager/crash-manager.c b/src/crash-manager/crash-manager.c index 86396db..8bf424a 100644 --- a/src/crash-manager/crash-manager.c +++ b/src/crash-manager/crash-manager.c @@ -363,7 +363,7 @@ bool set_crash_info(struct crash_info *cinfo) return false; } - if (asprintf(&cinfo->name, "%s_%d_%s", basename(cinfo->cmd_line), + if (asprintf(&cinfo->name, "%s_%d_%s", basename(cinfo->cmd_path), cinfo->pid_info, date) == -1) { _E("Failed to snprintf for name"); cinfo->name = NULL; @@ -582,7 +582,7 @@ static bool execute_minicoredump(struct crash_info *cinfo, int *exit_code) sig_str, // %s - number of signal time_str, // %t - time of dump "localhost", // %h - hostname - basename(cinfo->cmd_line), // %e - exe name (need for result filename) + basename(cinfo->cmd_path), // %e - exe name (need for result filename) MINICOREDUMPER_CONFIG_PATH, // config file "-d", cinfo->pfx, // temp dir diff --git a/src/crash-manager/so-info.c b/src/crash-manager/so-info.c index b449791..a0ae2dc 100644 --- a/src/crash-manager/so-info.c +++ b/src/crash-manager/so-info.c @@ -401,6 +401,10 @@ void get_and_save_so_info(char *map_path, char *out_path) break; } ri->app_name = get_app_name_from_path(file_path); + if (ri->app_name == NULL) { + free(ri); + continue; + } ri->build_id = build_id; ri->rpm_info = NULL; pkgs_not_found = g_slist_append(pkgs_not_found, ri); -- 2.7.4 From ab88e92b1eb4bae8d94523141afb2d59ffc5e6e6 Mon Sep 17 00:00:00 2001 From: Karol Lewandowski Date: Wed, 6 Nov 2019 09:08:11 +0100 Subject: [PATCH 03/16] Allow new special priv_livecoredump group members to use livedump API Change-Id: Ia210a100bc2af1ce323ef90331e31950d8a8b277 --- src/crash-service/crash-service.conf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/crash-service/crash-service.conf b/src/crash-service/crash-service.conf index 904d93a..f1f1e74 100644 --- a/src/crash-service/crash-service.conf +++ b/src/crash-service/crash-service.conf @@ -7,6 +7,11 @@ send_interface="org.tizen.system.crash.livedump" send_member="livedump_pid"/> + + + -- 2.7.4 From b55fb70677364e21c4c2ceb7c25d52496b280cd7 Mon Sep 17 00:00:00 2001 From: Karol Lewandowski Date: Wed, 6 Nov 2019 11:41:18 +0100 Subject: [PATCH 04/16] Provide libcrash-service package, not crash-worker-libcrash-service Change-Id: I4def644bfb149b3d2eaf228addc38e011d5d5172 --- packaging/crash-worker.spec | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 5003954..c4ddbfc 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -56,16 +56,15 @@ Requires: %{name}-livedumper = %{version}-%{release} %description crash-manager -%package libcrash-service -Summary: libcrash-service -%description libcrash-service -libcrash-service provides API to communicate with crash-service +%package -n libcrash-service +Summary: libcrash-service provides API to communicate with crash-service +%description -n libcrash-service %package devel -Requires: crash-worker Summary: Crash-manager development package %description devel +Requires: libcrash-service This package provides library and header files. %if %{with doc} @@ -191,7 +190,7 @@ mkdir -p %{buildroot}%{crash_temp} #upgrade script %attr(-,root,root) %{upgrade_script_path}/500.crash-manager-upgrade.sh -%files libcrash-service +%files -n libcrash-service %{_libdir}/libcrash-service.so.* %files devel -- 2.7.4 From 6eaf84fd0d0d1363902de4094c9523df4894faac Mon Sep 17 00:00:00 2001 From: Karol Lewandowski Date: Wed, 6 Nov 2019 12:37:19 +0100 Subject: [PATCH 05/16] spec: Standarize field justification to spaces Change-Id: I51e143520f84d3194c8735101cc93f4b4dd84fff --- packaging/crash-worker.spec | 73 +++++++++++++++++++-------------------------- 1 file changed, 31 insertions(+), 42 deletions(-) diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index c4ddbfc..260c3ed 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -11,14 +11,14 @@ # NOTE: To disable coredump set DumpCore=0 in configuration file -Name: crash-worker -Summary: Crash-manager -Version: 5.5.26 -Release: 1 -Group: Framework/system -License: Apache-2.0 and BSD -Source0: %{name}-%{version}.tar.gz -Source1001: crash-worker.manifest +Name: crash-worker +Summary: Coredump handler and report generator for Tizen +Version: 5.5.26 +Release: 1 +Group: Framework/system +License: Apache-2.0 and BSD +Source0: %{name}-%{version}.tar.gz +Source1001: crash-worker.manifest BuildRequires: pkgconfig(dlog) BuildRequires: pkgconfig(libtzplatform-config) BuildRequires: pkgconfig(iniparser) @@ -27,12 +27,10 @@ BuildRequires: pkgconfig(glib-2.0) BuildRequires: pkgconfig(rpm) BuildRequires: cmake BuildRequires: pkgconfig(pkgmgr-info) - BuildRequires: pkgconfig(libunwind-generic) BuildRequires: libelf-devel libelf BuildRequires: libebl-devel libebl BuildRequires: libdw-devel libdw - %if %{with doc} BuildRequires: doxygen %endif @@ -44,51 +42,42 @@ BuildRequires: boost-devel Requires(post): coreutils Requires(post): tar Requires(post): gzip -Requires: zip -Requires: libelf -Requires: libdw -Requires: minicoredumper >= 2.1.0 -Requires: %{_bindir}/buxton2ctl +Requires: zip +Requires: libelf +Requires: libdw +Requires: minicoredumper >= 2.1.0 +Requires: %{_bindir}/buxton2ctl %if %{with crashservice} -Requires: %{name}-livedumper = %{version}-%{release} +Requires: %{name}-livedumper = %{version}-%{release} %endif - %description -crash-manager - -%package -n libcrash-service -Summary: libcrash-service provides API to communicate with crash-service -%description -n libcrash-service +%package -n libcrash-service +Summary: libcrash-service provides API to communicate with crash-service +%description -n libcrash-service -%package devel -Summary: Crash-manager development package -%description devel -Requires: libcrash-service -This package provides library and header files. +%package devel +Requires: libcrash-service +Summary: Crash-manager headers and library for linking +%description devel %if %{with doc} -%package doc -Summary: Documentation package for crash-worker -Group: Framework/System - -%description doc -This package provides development documentation for crash-worker. +%package doc +Summary: Documentation package for crash-worker +Group: Framework/System +%description doc %endif %if %{with tests} -%package tests -Summary: Package with binaries and data for crash-worker tests - -%description tests -This package contains installable tests in Bash. +%package tests +Summary: Package with binaries and data for crash-worker tests +%description tests %endif %if %{with livedumper} -%package livedumper -Summary: Livedumper allows to dump core of live process - -%description livedumper +%package livedumper +Summary: Livedumper allows to dump core of live process +%description livedumper %endif %prep -- 2.7.4 From 6bc4dd4a5702e658461fc0fce3ed5bf7567077e4 Mon Sep 17 00:00:00 2001 From: Karol Lewandowski Date: Fri, 8 Nov 2019 14:24:13 +0100 Subject: [PATCH 06/16] Release 6.0.1 Bump release version to next Tizen version. Changes: - Fix preparing report for applications with too long name - Allow new special priv_livecoredump group members to use livedump API - Minor fixes Change-Id: Iaa0374526fd110bd9f565a0afadc4044cd499fb7 --- packaging/crash-worker.spec | 2 +- packaging/crash-worker_system-tests.spec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 260c3ed..894ba34 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -13,7 +13,7 @@ Name: crash-worker Summary: Coredump handler and report generator for Tizen -Version: 5.5.26 +Version: 6.0.1 Release: 1 Group: Framework/system License: Apache-2.0 and BSD diff --git a/packaging/crash-worker_system-tests.spec b/packaging/crash-worker_system-tests.spec index b4fad73..da6a9b6 100644 --- a/packaging/crash-worker_system-tests.spec +++ b/packaging/crash-worker_system-tests.spec @@ -8,7 +8,7 @@ Name: crash-worker_system-tests Summary: Package with binaries and scripts for crash-worker system tests -Version: 5.5.26 +Version: 6.0.1 Release: 1 Group: Framework/system License: Apache-2.0 and BSD -- 2.7.4 From 78a42cd97bbf08f7ba112d6ffda59808bbf6d71e Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Wed, 20 Nov 2019 10:33:16 +0100 Subject: [PATCH 07/16] Change crash-worker-libcrash-service requirement to libcrash-service Change-Id: I1fcc2886404daea67b6be86b6930bb567a0c3f32 --- packaging/crash-worker_system-tests.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/crash-worker_system-tests.spec b/packaging/crash-worker_system-tests.spec index da6a9b6..27edc9a 100644 --- a/packaging/crash-worker_system-tests.spec +++ b/packaging/crash-worker_system-tests.spec @@ -29,7 +29,7 @@ Requires: /bin/bash Requires: /usr/bin/unzip Requires: /usr/bin/mcookie Requires: crash-worker -Requires: crash-worker-libcrash-service +Requires: libcrash-service Requires: %{_sbindir}/minicoredumper %description -- 2.7.4 From 0e81102438d073aa4648eb657500a5aa12b9122e Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Mon, 14 Oct 2019 14:00:40 +0200 Subject: [PATCH 08/16] Configure the crash-service so that it doesn't require root privileges Change-Id: I6bddc446a31449b7419074f10f795b8ee6c61714 --- TODO | 1 + src/crash-service/crash-service.conf | 6 ++++++ src/crash-service/crash-service.service.m4 | 5 +++++ src/dump_systemstate/dump_systemstate.c | 2 +- 4 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 TODO diff --git a/TODO b/TODO new file mode 100644 index 0000000..61aa716 --- /dev/null +++ b/TODO @@ -0,0 +1 @@ +* In the future "/usr/bin/pkgcmd --global" as system_fw user will stop working, so it needs to be changed to get installed applications for the global user and for the actual user. diff --git a/src/crash-service/crash-service.conf b/src/crash-service/crash-service.conf index f1f1e74..43534d9 100644 --- a/src/crash-service/crash-service.conf +++ b/src/crash-service/crash-service.conf @@ -12,6 +12,12 @@ send_interface="org.tizen.system.crash.livedump" send_member="livedump_pid"/> + + + + diff --git a/src/crash-service/crash-service.service.m4 b/src/crash-service/crash-service.service.m4 index f080f40..b4221fd 100644 --- a/src/crash-service/crash-service.service.m4 +++ b/src/crash-service/crash-service.service.m4 @@ -3,8 +3,13 @@ Description=crash service [Service] Type=dbus +User=crash_worker +Group=crash_worker +Capabilities=cap_dac_override,cap_dac_read_search,cap_sys_ptrace,cap_kill,cap_syslog=i +SecureBits=keep-caps BusName=org.tizen.system.crash.livedump ExecStart=/usr/bin/crash-service +SupplementaryGroups=log systemd-journal system_share SmackProcessLabel=System Nice=-5 KillMode=mixed diff --git a/src/dump_systemstate/dump_systemstate.c b/src/dump_systemstate/dump_systemstate.c index 30a8f35..f971350 100644 --- a/src/dump_systemstate/dump_systemstate.c +++ b/src/dump_systemstate/dump_systemstate.c @@ -215,7 +215,7 @@ int main(int argc, char *argv[]) if (arg_pkgs) { fprintf_fd(out_fd, "\n==== Installed packages (/usr/bin/pkgcmd -l)\n"); - char *pkgcmd_args[] = {"/usr/bin/pkgcmd", "-l", NULL}; + char *pkgcmd_args[] = {"/usr/bin/pkgcmd", "-l", "--global", NULL}; // see TODO file spawn_wait_checked(pkgcmd_args, NULL); } -- 2.7.4 From c38cf62a26cefb71f83d07b465ab68cad8d6de89 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Thu, 7 Nov 2019 11:41:59 +0100 Subject: [PATCH 09/16] Drop privileges when started by kernel Change-Id: I3fa61c9f7b89f3fe7b8c7a8bedd8e852bdccf404 --- packaging/crash-worker.spec | 2 + src/crash-manager/CMakeLists.txt | 2 +- src/crash-manager/main.c | 89 +++++++++++++++++++++++++++++++++++++++- 3 files changed, 91 insertions(+), 2 deletions(-) diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 894ba34..587f6f2 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -31,6 +31,8 @@ BuildRequires: pkgconfig(libunwind-generic) BuildRequires: libelf-devel libelf BuildRequires: libebl-devel libebl BuildRequires: libdw-devel libdw +BuildRequires: libcap-devel + %if %{with doc} BuildRequires: doxygen %endif diff --git a/src/crash-manager/CMakeLists.txt b/src/crash-manager/CMakeLists.txt index b38a084..591a3ad 100644 --- a/src/crash-manager/CMakeLists.txt +++ b/src/crash-manager/CMakeLists.txt @@ -43,7 +43,7 @@ SET_TARGET_PROPERTIES(libcrash-manager PROPERTIES OUTPUT_NAME crash-manager) TARGET_LINK_LIBRARIES(libcrash-manager ${crash-manager_pkgs_LDFLAGS}) ADD_EXECUTABLE(${PROJECT_NAME} ${CRASH_MANAGER_SRCS}) -TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${crash-manager_pkgs_LDFLAGS} -pie -lrt libcrash-manager) +TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${crash-manager_pkgs_LDFLAGS} -pie -lcap -lrt libcrash-manager) set(CRASH_POPUP crash-popup-launch) ADD_EXECUTABLE(${CRASH_POPUP} ${CRASH_POPUP}.c) diff --git a/src/crash-manager/main.c b/src/crash-manager/main.c index 53211e8..ed7c9af 100644 --- a/src/crash-manager/main.c +++ b/src/crash-manager/main.c @@ -1,9 +1,18 @@ #include +#include #include #include +#include +#include +#include +#include + #include "shared/log.h" +#include "shared/util.h" #include "crash-manager.h" +#define USER_NAME "crash_worker" + static void print_help(const char *name) { printf("Syntax: %s [OPTIONS]\n" @@ -124,9 +133,86 @@ static bool parse_args(struct crash_info *cinfo, int argc, char *argv[]) #undef GET_NUMBER } +static bool set_caps(const cap_flag_t flag) +{ + bool res = false; + cap_t caps; + cap_value_t cap_list[5] = { + CAP_DAC_READ_SEARCH, + CAP_DAC_OVERRIDE, + CAP_KILL, + CAP_SYS_PTRACE, + CAP_SYSLOG + }; + + caps = cap_get_proc(); + if (caps == NULL) { + _E("cap_get_proc() error: %m"); + goto exit; + } + + if (cap_set_flag(caps, flag, ARRAY_SIZE(cap_list), cap_list, CAP_SET) == -1) { + _E("cap_set_flag() error: %m"); + goto exit; + } + + if (cap_set_proc(caps) == -1) { + _E("cap_set_proc() error: %m"); + goto exit; + } + + res = true; +exit: + if (caps != NULL && cap_free(caps) == -1) { + _E("cap_free() error: %m"); + res = false; + } + return res; +} + +static bool drop_privileges(const char *user_name) +{ + struct passwd *user_info = getpwnam(user_name); + if (!user_info) { + _E("getpwnam() error: %m"); + return false; + } + + if (!set_caps(CAP_PERMITTED)) + return false; + + /* + * setuid() clears capabilities, so we need to set PR_SET_KEEPCAPS and + * restore them after that + */ + if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1) { + _E("prctl(PR_SET_KEEPCAPS) error: %m"); + return false; + } + + if (setuid(user_info->pw_uid) == -1) { + _E("setuid() error: %m\n"); + return false; + } + + if (!set_caps(CAP_EFFECTIVE)) + return false; + + if (!set_caps(CAP_INHERITABLE)) + return false; + + return true; +} int main(int argc, char *argv[]) { + int res; + + if (!drop_privileges(USER_NAME)) { + res = EXIT_FAILURE; + goto exit; + } + struct crash_info cinfo; /* @@ -141,9 +227,10 @@ int main(int argc, char *argv[]) if (!parse_args(&cinfo, argc, argv)) return EXIT_FAILURE; - int res = crash_manager_direct(&cinfo) ? EXIT_SUCCESS : EXIT_FAILURE; + res = crash_manager_direct(&cinfo) ? EXIT_SUCCESS : EXIT_FAILURE; crash_manager_free(&cinfo); +exit: _I("Exiting with exit code %d", res); return res; } -- 2.7.4 From faf2ad14643c87d24ad368e41550db8d7cb38fe9 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Mon, 18 Nov 2019 09:24:40 +0100 Subject: [PATCH 10/16] Set supplementary groups for the crash-manager process Change-Id: I8283c0ca4605d6e882836e4a02079c65dd1ad30c --- src/crash-manager/main.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/src/crash-manager/main.c b/src/crash-manager/main.c index ed7c9af..0b34d3b 100644 --- a/src/crash-manager/main.c +++ b/src/crash-manager/main.c @@ -1,4 +1,5 @@ #include +#include #include #include #include @@ -170,6 +171,35 @@ exit: return res; } +static bool set_groups(const char *user_name, const gid_t gid) +{ + int ngroup = 0; + errno = 0; + int ret = getgrouplist(user_name, gid, NULL, &ngroup); + if (ret != -1) { + _E("getgrouplist() unexpected return value: %d", ret); + return false; + } else if (errno != 0) { + _E("getgrouplist() unexcepted failure: %m"); + return false; + } + + gid_t groups[ngroup]; + ret = getgrouplist(user_name, gid, groups, &ngroup); + if (ret == -1) { + _E("getgrouplist() error"); + return false; + } + + ret = setgroups(ngroup, groups); + if (ret != 0) { + _E("setgroups() error: %m\n"); + return false; + } + + return true; +} + static bool drop_privileges(const char *user_name) { struct passwd *user_info = getpwnam(user_name); @@ -190,6 +220,9 @@ static bool drop_privileges(const char *user_name) return false; } + if (!set_groups(user_name, user_info->pw_gid)) + return false; + if (setuid(user_info->pw_uid) == -1) { _E("setuid() error: %m\n"); return false; -- 2.7.4 From bb4ea8215a7170ad3492d71a6e3b198f29e3a0d3 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Wed, 20 Nov 2019 12:03:43 +0100 Subject: [PATCH 11/16] Change system_fw user to crash_worker Change-Id: I79938533fc4475dfd4d9d95e5037fe29928ad0c7 --- TODO | 2 +- packaging/crash-worker.spec | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/TODO b/TODO index 61aa716..7c41e96 100644 --- a/TODO +++ b/TODO @@ -1 +1 @@ -* In the future "/usr/bin/pkgcmd --global" as system_fw user will stop working, so it needs to be changed to get installed applications for the global user and for the actual user. +* In the future "/usr/bin/pkgcmd --global" as crash_worker user will stop working, so it needs to be changed to get installed applications for the global user and for the actual user. diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 587f6f2..3b345d1 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -156,14 +156,14 @@ mkdir -p %{buildroot}%{crash_temp} %files %license LICENSE LICENSE.BSD %manifest crash-worker.manifest -%defattr(-,system_fw,system_fw,-) +%defattr(-,crash_worker,crash_worker,-) %dir %{crash_root_path} %dir %{crash_path} %dir %{crash_temp} %{_sysconfdir}/crash-manager.conf %attr(-,root,root) %{_prefix}/lib/sysctl.d/70-crash-manager.conf -%attr(0750,system_fw,system_fw) %{_bindir}/crash-manager -%attr(0750,system_fw,system_fw) %{_bindir}/dump_systemstate +%attr(0750,crash_worker,crash_worker) %{_bindir}/crash-manager +%attr(0750,crash_worker,crash_worker) %{_bindir}/dump_systemstate %{_sysconfdir}/dump_systemstate.conf.d/files/files.conf.example %{_sysconfdir}/dump_systemstate.conf.d/programs/programs.conf.example %{_libexecdir}/crash-stack @@ -172,7 +172,7 @@ mkdir -p %{buildroot}%{crash_temp} %{_libdir}/libcrash-manager.so.* %if %{with crashservice} -%attr(0750,system_fw,system_fw) %{_bindir}/crash-service +%attr(0750,crash_worker,crash_worker) %{_bindir}/crash-service %attr(-,root,root) %{_unitdir}/crash-service.service %attr(-,root,root) %{_sysconfdir}/dbus-1/system.d/crash-service.conf %attr(-,root,root) %{_datadir}/dbus-1/system-services/org.tizen.system.crash.livedump.service -- 2.7.4 From dec9985b809d284190e1d2e888613c6707157d7a Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Thu, 21 Nov 2019 12:15:47 +0100 Subject: [PATCH 12/16] Release 6.0.2 This release brings: - Run crash-service and crash-worker as crash_worker user - Fix the name of libcrash-service requirement in crash-worker_system-tests Change-Id: Ib1e94342c475b20cde77bd10fbd21fd8a9ddfcb5 --- packaging/crash-worker.spec | 2 +- packaging/crash-worker_system-tests.spec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 3b345d1..728951b 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -13,7 +13,7 @@ Name: crash-worker Summary: Coredump handler and report generator for Tizen -Version: 6.0.1 +Version: 6.0.2 Release: 1 Group: Framework/system License: Apache-2.0 and BSD diff --git a/packaging/crash-worker_system-tests.spec b/packaging/crash-worker_system-tests.spec index 27edc9a..ab3e1b6 100644 --- a/packaging/crash-worker_system-tests.spec +++ b/packaging/crash-worker_system-tests.spec @@ -8,7 +8,7 @@ Name: crash-worker_system-tests Summary: Package with binaries and scripts for crash-worker system tests -Version: 6.0.1 +Version: 6.0.2 Release: 1 Group: Framework/system License: Apache-2.0 and BSD -- 2.7.4 From 81509b3fbf4e4bc68760b0c07f83e18e5b89c8ab Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Fri, 22 Nov 2019 14:04:35 +0100 Subject: [PATCH 13/16] Revert "Allow new special priv_livecoredump group members to use livedump API" This reverts commit ab88e92b1eb4bae8d94523141afb2d59ffc5e6e6. Change-Id: Ida972aa30aaa001ace379a5051ef654589119f76 --- src/crash-service/crash-service.conf | 5 ----- 1 file changed, 5 deletions(-) diff --git a/src/crash-service/crash-service.conf b/src/crash-service/crash-service.conf index 43534d9..bb9d903 100644 --- a/src/crash-service/crash-service.conf +++ b/src/crash-service/crash-service.conf @@ -7,11 +7,6 @@ send_interface="org.tizen.system.crash.livedump" send_member="livedump_pid"/> - - - Date: Fri, 22 Nov 2019 14:06:13 +0100 Subject: [PATCH 14/16] Release 6.0.3 This release brings: - Revert "Allow new special priv_livecoredump group members to use livedump API" commit Change-Id: I10a2458fd1504f475b39e05a91bcd1edfb5a382f --- packaging/crash-worker.spec | 2 +- packaging/crash-worker_system-tests.spec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 728951b..148e3f4 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -13,7 +13,7 @@ Name: crash-worker Summary: Coredump handler and report generator for Tizen -Version: 6.0.2 +Version: 6.0.3 Release: 1 Group: Framework/system License: Apache-2.0 and BSD diff --git a/packaging/crash-worker_system-tests.spec b/packaging/crash-worker_system-tests.spec index ab3e1b6..2cf76be 100644 --- a/packaging/crash-worker_system-tests.spec +++ b/packaging/crash-worker_system-tests.spec @@ -8,7 +8,7 @@ Name: crash-worker_system-tests Summary: Package with binaries and scripts for crash-worker system tests -Version: 6.0.2 +Version: 6.0.3 Release: 1 Group: Framework/system License: Apache-2.0 and BSD -- 2.7.4 From 4c455c0ee6c878e2744ab805713085ace2b11124 Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Mon, 14 Oct 2019 13:04:56 +0200 Subject: [PATCH 15/16] dump_systemstate: Add flag to dump_systemstate to determine whether to run buxton2ctl or not The next commit introduces a change that causes the crash-service not to have to be run as root, so there is need for another way to determine if dmesg or buxton2ctl should be run. Change-Id: I56df8f4dd1b9d8a2f6f072c886e8fa26dda0a317 --- src/crash-manager/crash-manager.c | 2 +- src/dump_systemstate/dump_systemstate.c | 16 ++++++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/src/crash-manager/crash-manager.c b/src/crash-manager/crash-manager.c index 8bf424a..bd402a1 100644 --- a/src/crash-manager/crash-manager.c +++ b/src/crash-manager/crash-manager.c @@ -444,7 +444,7 @@ static void launch_crash_popup(struct crash_info *cinfo) static bool dump_system_state(const struct crash_info *cinfo, pid_t *pid) { - char *av[] = {DUMP_SYSTEMSTATE_BIN_PATH, "-d", "-k", "-j", "-p", "-e", "-f", cinfo->log_path, NULL}; + char *av[] = {DUMP_SYSTEMSTATE_BIN_PATH, "-d", "-k", "-j", "-p", "-e", "-f", cinfo->log_path, "-b", NULL}; spawn_param_s param = { .fn = spawn_setstdout, .u.int_val = STDERR_FILENO }; return spawn(av, NULL, ¶m, pid, NULL); } diff --git a/src/dump_systemstate/dump_systemstate.c b/src/dump_systemstate/dump_systemstate.c index f971350..9a0c3ef 100644 --- a/src/dump_systemstate/dump_systemstate.c +++ b/src/dump_systemstate/dump_systemstate.c @@ -59,7 +59,8 @@ static struct dump_item { static void usage() { - fprintf(stderr, "usage: dump_systemstate [-k] [-d] [-j] [-p] [-e] [-f file]\n" + fprintf(stderr, "usage: dump_systemstate [-b] [-k] [-d] [-j] [-p] [-e] [-f file]\n" + " -b: dump Buxton data\n" " -f: write to file (instead of stdout)\n" " -k: dump kernel messages (only root)\n" " -d: dump dlog messages\n" @@ -89,9 +90,10 @@ static int get_disk_used_percent(const char *path) int main(int argc, char *argv[]) { - int c, ret, i, is_root, dpercent, exit_code = 0; + int c, ret, i, dpercent, exit_code = 0; const char *arg_file = NULL; int out_fd = -1; + bool arg_buxton = false; bool arg_dlog = false; bool arg_dmesg = false; bool arg_extras = false; @@ -102,8 +104,11 @@ int main(int argc, char *argv[]) struct tm gm_tm; struct tm loc_tm; - while ((c = getopt(argc, argv, "hf:kdjep")) != -1) { + while ((c = getopt(argc, argv, "hf:kdbjep")) != -1) { switch (c) { + case 'b': + arg_buxton = true; + break; case 'd': arg_dlog = true; break; @@ -134,7 +139,6 @@ int main(int argc, char *argv[]) cur_time = time(NULL); gmtime_r(&cur_time, &gm_tm); localtime_r(&cur_time, &loc_tm); - is_root = !(geteuid()); /* open output file */ if (arg_file == NULL) { @@ -204,7 +208,7 @@ int main(int argc, char *argv[]) char *memps_args[] = {"/bin/memps", "-v", NULL}; spawn_wait_checked(memps_args, NULL); - if (is_root) { + if (arg_buxton) { fprintf_fd(out_fd, "\n==== System configuration (/usr/bin/buxton2ctl dump memory, system)\n"); char *get_mem_args[] = {"/bin/buxton2ctl", "dump", "memory", NULL}; spawn_wait_checked(get_mem_args, NULL); @@ -219,7 +223,7 @@ int main(int argc, char *argv[]) spawn_wait_checked(pkgcmd_args, NULL); } - if (arg_dmesg && is_root) { + if (arg_dmesg) { fprintf_fd(out_fd, "\n==== Kernel messages (TZ=UTC /bin/dmesg -T)\n"); char *dmesg_args[] = {"/bin/dmesg", "-T", NULL}; char *dmesg_env[] = {"TZ=UTC", NULL}; -- 2.7.4 From 3f820f88f067be0e1ddc63e13313361e0f95958e Mon Sep 17 00:00:00 2001 From: Mateusz Moscicki Date: Tue, 5 Nov 2019 14:15:51 +0100 Subject: [PATCH 16/16] dump_systemstate: Dump additional files and applications output Change-Id: I2c1348a25f7da30c5a177489eb4e57aed5f730ea --- packaging/crash-worker.spec | 2 ++ src/dump_systemstate/CMakeLists.txt | 6 ++++++ src/dump_systemstate/dump_systemstate.c | 8 ++++++++ src/dump_systemstate/files.conf.example | 6 ++++++ src/dump_systemstate/files/10-crash-worker.conf | 7 +++++++ src/dump_systemstate/programs.conf.example | 2 ++ src/dump_systemstate/programs/10-crash-worker.conf | 4 ++++ 7 files changed, 35 insertions(+) create mode 100644 src/dump_systemstate/files/10-crash-worker.conf create mode 100644 src/dump_systemstate/programs/10-crash-worker.conf diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec index 148e3f4..4a5e9ac 100644 --- a/packaging/crash-worker.spec +++ b/packaging/crash-worker.spec @@ -165,7 +165,9 @@ mkdir -p %{buildroot}%{crash_temp} %attr(0750,crash_worker,crash_worker) %{_bindir}/crash-manager %attr(0750,crash_worker,crash_worker) %{_bindir}/dump_systemstate %{_sysconfdir}/dump_systemstate.conf.d/files/files.conf.example +%{_sysconfdir}/dump_systemstate.conf.d/files/10-crash-worker.conf %{_sysconfdir}/dump_systemstate.conf.d/programs/programs.conf.example +%{_sysconfdir}/dump_systemstate.conf.d/programs/10-crash-worker.conf %{_libexecdir}/crash-stack %{_libexecdir}/crash-popup-launch %{_libexecdir}/crash-notify-send diff --git a/src/dump_systemstate/CMakeLists.txt b/src/dump_systemstate/CMakeLists.txt index 7c3fa21..d659aa4 100755 --- a/src/dump_systemstate/CMakeLists.txt +++ b/src/dump_systemstate/CMakeLists.txt @@ -34,6 +34,12 @@ INSTALL(TARGETS ${PROJECT_NAME} DESTINATION bin INSTALL(FILES ${CMAKE_SOURCE_DIR}/src/${PROJECT_NAME}/files.conf.example DESTINATION ${DUMP_SYSTEMSTATE_CONFIG_DIR_PATH}/files PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) +INSTALL(FILES ${CMAKE_SOURCE_DIR}/src/${PROJECT_NAME}/files/10-crash-worker.conf + DESTINATION ${DUMP_SYSTEMSTATE_CONFIG_DIR_PATH}/files + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) INSTALL(FILES ${CMAKE_SOURCE_DIR}/src/${PROJECT_NAME}/programs.conf.example DESTINATION ${DUMP_SYSTEMSTATE_CONFIG_DIR_PATH}/programs PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) +INSTALL(FILES ${CMAKE_SOURCE_DIR}/src/${PROJECT_NAME}/programs/10-crash-worker.conf + DESTINATION ${DUMP_SYSTEMSTATE_CONFIG_DIR_PATH}/programs + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) diff --git a/src/dump_systemstate/dump_systemstate.c b/src/dump_systemstate/dump_systemstate.c index 9a0c3ef..46f11f3 100644 --- a/src/dump_systemstate/dump_systemstate.c +++ b/src/dump_systemstate/dump_systemstate.c @@ -191,6 +191,14 @@ int main(int argc, char *argv[]) char *du_args[] = {"/bin/du", "-ah", "/opt", "--exclude=/opt/usr", NULL}; spawn_wait_checked(du_args, NULL); } + + dpercent = get_disk_used_percent("/tmp"); + if (80 < dpercent) { + fprintf_fd(out_fd, "\n==== tmp usage detail - %d%% (/bin/du -h /tmp)\n", dpercent); + char *du_args[] = {"/bin/du", "-h", "/tmp", NULL}; + spawn_wait_checked(du_args, NULL); + } + fprintf_fd(out_fd, "\n==== System timezone (ls -al /opt/etc/localtime)\n"); char *ls_args[] = {"/bin/ls", "-al", "/opt/etc/localtime", NULL}; spawn_wait_checked(ls_args, NULL); diff --git a/src/dump_systemstate/files.conf.example b/src/dump_systemstate/files.conf.example index 92d5f22..e8c73c2 100644 --- a/src/dump_systemstate/files.conf.example +++ b/src/dump_systemstate/files.conf.example @@ -1,3 +1,9 @@ +# Please consider prefixing config names with numbers (NN-) if you need order +# to be preserved. +# +# Crash-worker reserves number 00-19 for its purpose. Please add files +# with number > 20. + [UNIQUE_ID_KEY] title=header line that gets printed (path gets appended too) path=/path/to/the/file diff --git a/src/dump_systemstate/files/10-crash-worker.conf b/src/dump_systemstate/files/10-crash-worker.conf new file mode 100644 index 0000000..6c723e6 --- /dev/null +++ b/src/dump_systemstate/files/10-crash-worker.conf @@ -0,0 +1,7 @@ +[VMSTAT] +title=Virtual Memory statistics +path=/proc/vmstat + +[KERNEL_LOCKS] +title=Kernel lock +path=/proc/locks diff --git a/src/dump_systemstate/programs.conf.example b/src/dump_systemstate/programs.conf.example index 8e26083..a1782bf 100644 --- a/src/dump_systemstate/programs.conf.example +++ b/src/dump_systemstate/programs.conf.example @@ -1,3 +1,5 @@ +# See files.conf.example for note about file naming and ordering. + [UNIQUE_ID_KEY] title=header line describing the program (will be printed alongside env, path and args) path=/path/to/the/program/executable diff --git a/src/dump_systemstate/programs/10-crash-worker.conf b/src/dump_systemstate/programs/10-crash-worker.conf new file mode 100644 index 0000000..67c5f58 --- /dev/null +++ b/src/dump_systemstate/programs/10-crash-worker.conf @@ -0,0 +1,4 @@ +[IPC] +title=System IPC facilities +path=/usr/bin/ipcs +args=-a -- 2.7.4