Re: How to make a core dump?

• Previous message: Kurt Seifried: "Re: redhat patch problem?"
• In reply to: Alexander Morozov: "How to make a core dump?"
• Next in thread: Andrew Miller: "Re: How to make a core dump?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 5 Sep 2004 12:34:01 -0400 (EDT)
To: Alexander Morozov <amorozov@pisem.net>, focus-linux@securityfocus.com

The following is for sun solaris. For other OS, such
as Linux or other Unix, there must be similar
commands.

# dumpadm
to define the dump device and savecore directory. Make
sure the save core directory has enough space to save
the image of the memory.

# savecore ¨CL
to save a crash dump of the OS into savecore directory

 --- Alexander Morozov <amorozov@pisem.net> wrote:
> Hello everyone,
> recently my friend have found a malcious program
> running on his
> web-server. After some actions i thought it would be
> helpful to make
> its core dump, but i couldn't figure out how to do
> this. The only
> thing that came to mind was attaching to it with
> gdb, stopping
> it and dumping regions of memory manually (using
> memory map in
> /proc/pid/mem). It went fine, i copied all segments
> but it would be much
> better to have standart core dump, to be able to use
> usual programms on
> it later. I remember, that several years ago default
> behaviour of a
> program running under linux was dumping itself on
> SIGSEGV.
> And I wonder, how was this fullfilled, was it
> feature of glibc to catch
> SIGV and write a dump? Or was it made by the kernel?
>
> Alexander Morozov
>

______________________________________________________________________
Post your free ad now! http://personals.yahoo.ca

• Previous message: Kurt Seifried: "Re: redhat patch problem?"
• In reply to: Alexander Morozov: "How to make a core dump?"
• Next in thread: Andrew Miller: "Re: How to make a core dump?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: [PATCH] A few small additions and corrections to README ... adds "make config" to the list of possible configuration targets. ... These are the release notes for Linux version 2.6. ... GNU C compiler ... If you compiled the kernel with CONFIG_KALLSYMS you can send the dump ... (Linux-Kernel) [PATCH] A few small additions and corrections to README ... adds "make config" to the list of possible configuration targets. ... These are the release notes for Linux version 2.6. ... GNU C compiler ... If you compiled the kernel with CONFIG_KALLSYMS you can send the dump ... (Linux-Kernel) [patch 26/38] zfcpdump support. ... s390 machines provide hardware support for creating Linux dumps on SCSI ... For creating a dump a special purpose dump Linux is used. ... 32 MB of memory are saved by the hardware before the dump Linux is ... (Linux-Kernel) [patch 8/8] zfcpdump support. ... s390 machines provide hardware support for creating Linux dumps on SCSI ... For creating a dump a special purpose dump Linux is used. ... 32 MB of memory are saved by the hardware before the dump Linux is ... (Linux-Kernel) Re: dump ufsdump via SSH works but.... sometimes core dumps ... A real dump is able to deal with endian problems, ... >> and as restore is called restore in Linux and ufsrestore in Solaris he ... >> I would never trust GNU tar to do any of my backups. ... GNU tar definitely cannot do incremental backups. ... (comp.os.linux.misc)