Debugging privsep code on OpenBSD-current just became a little easier. In this commit, Theo de Raadt (deraadt@) added a new kern.nosuidcoredump value, 3, which makes core dumps go to /var/crash/$programname (assuming the directory exists), and dumps cores named after the crashing program's PID.

Changes by: deraadt@cvs.openbsd.org 2014/05/03 21:53:38 Modified files: sys/kern : kern_sig.c lib/libc/gen : sysctl.3 sbin/sysctl : sysctl.8 share/man/man5 : core.5 Log message: When kern.nosuidcoredump=3, act like =2 but try to dump cores into the /var/crash/programname/ directory, as root. For instance, # mkdir /var/crash/bgpd/ # chmod 700 /var/crash/bgpd/ # If you skip this step, you are a moron # sysctl kern.nosuidcoredump=3 # bgpd # pkill -ABRT bgpd # ls /var/crash/bgpd/ 14764.core 23207.core 6423.core Of course, in real life the idea is that you don't kill the daemon but it crashes and you collect parallel cores. Careful you don't fill your /var. Further tuneables are being considered. Sorry to be picking on bgpd for this example. I've watched the "too difficult to debug privsep code" angst for far too long. ok guenther