[ZBX-10086] cannot disable core dump at server startup Created: 2015 Nov 17 Updated: 2017 May 30 Resolved: 2016 Mar 14 |
|
Status: | Closed |
Project: | ZABBIX BUGS AND ISSUES |
Component/s: | Agent (G), Proxy (P), Server (S) |
Affects Version/s: | 3.0.0alpha4 |
Fix Version/s: | 3.0.2rc1, 3.2.0alpha1 |
Type: | Incident report | Priority: | Critical |
Reporter: | itnihao | Assignee: | Unassigned |
Resolution: | Fixed | Votes: | 0 |
Labels: | encryption | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | Can't support SMTP.png |
Description |
``` |
Comments |
Comment by itnihao [ 2015 Nov 17 ] |
configure: ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --enable-dependency-tracking --enable-server --enable-proxy --enable-java --enable-agent --enable-ipv6 --with-net-snmp --with-openipmi --with-unixodbc --with-ldap --with-ssh2 --with-libcurl --with-libxml2 --with-openssl --sysconfdir=/etc/zabbix --datadir=/var/lib --enable-server --with-mysql '--with-cc-opt=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic ' but can't support SMTP: |
Comment by Aleksandrs Saveljevs [ 2015 Nov 17 ] |
Problem introduced with encryption, |
Comment by Andris Mednis [ 2015 Nov 17 ] |
I tried to compile on Debian testing (Debian GNU/Linux stretch/sid, Linux 4.2.0-1-amd64) with gcc 5.2.1. -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic and configured: $ CC=gcc-5 CFLAGS=$(cat my_options.txt) ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu --prefix=`pwd` --enable-dependency-tracking --enable-server --enable-proxy --enable-agent --enable-ipv6 --with-net-snmp --with-openipmi --with-unixodbc --with-ldap --with-ssh2 --with-libcurl --with-libxml2 --with-openssl --enable-server --with-postgresql 2>&1 | tee my_configure.out .... Compiler: gcc-5 Compiler flags: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -I/usr/include/postgresql -I/usr/include/libxml2 -I/usr/local/include -I/usr/lib/x86_64-linux-gnu/perl/5.20/CORE -I. -I/usr/include -I/usr/include -I/usr/include -I/usr/include -I/usr/include Enable server: yes Server details: With database: PostgreSQL WEB Monitoring: cURL Native Jabber: no SNMP: yes IPMI: yes SSH: yes TLS: OpenSSL ODBC: yes Linker flags: -rdynamic -L/usr/lib/x86_64-linux-gnu -L/usr/lib/x86_64-linux-gnu -L/usr/lib -L/usr/lib -L/usr/lib -L/usr/lib -L/usr/lib/x86_64-linux-gnu Libraries: -lodbc -lm -ldl -lresolv -lodbc -lpq -lxml2 -lodbc -lnetsnmp -lssh2 -lOpenIPMI -lOpenIPMIposix -lssl -lcrypto -lldap -llber -lcurl .... It worked without errors. |
Comment by Atsushi Tanaka [ 2016 Jan 25 ] |
If you want enable SMTP authentication, you must use libcurl version 7.20.0 or later. And, zabbix_server does not output the log? 31724:20160125:122203.114 cannot set resource limit: [13] Permission denied 31724:20160125:122203.114 cannot disable core dump, exiting... This is I think the process is limited by SELinux. |
Comment by itnihao [ 2016 Feb 15 ] |
curl version 7.19.7. For some reason that doesn't support NTLM authentication https://bugzilla.redhat.com/show_bug.cgi?id=603783 so SMTP authentication: NO,should be update libcurl >7.20 |
Comment by itnihao [ 2016 Feb 15 ] |
In CentOS 6,you can use curl rpm from https://github.com/zabbixcn/curl-rpm |
Comment by itnihao [ 2016 Feb 15 ] |
should be Comment curl version > 7.20 https://www.zabbix.com/documentation/3.0/manual/config/notifications/media/email |
Comment by Aleksandrs Saveljevs [ 2016 Feb 16 ] |
Let's continue the discussion on SMTP authentication in |
Comment by Martijn Storck [ 2016 Feb 25 ] |
Is the core dump disable issue handled in a separate ticket? This completely breaks Zabbix Agent 3.0 on CentOS 6. Using a community-supplied curl RPM is not an acceptable workaround for an Enterprise Linux OS. |
Comment by Andris Mednis [ 2016 Feb 25 ] |
Disabling of core dump was added in Zabbix 3.0 as part of encryption support as a recommended practice. However, it was added regardless of encryption support - this can be counted as a bug. We can consider removing it when compiling without encryption support. Could it be SELinux policy which blocks using setrlimit() by Zabbix ? https://forum.nginx.org/read.php?2,254456,254496 seem to deal with setrlimit() in SELinux. |
Comment by Andris Mednis [ 2016 Mar 11 ] |
Fixed in development branch svn://svn.zabbix.com/branches/dev/ZBX-10086 . |
Comment by Aleksandrs Saveljevs [ 2016 Mar 14 ] |
(1) Function zbx_coredump_disable() was not wrapped in #ifdef ENCRYPTION in include/zbxnix.h file. That meant that there would be a prototype, but no implementation for the function if compiled without encryption. It would be better not to provide the prototype in this case, too, so that a compiler can explicitly complain about the missing prototype, rather than just the linking issue. asaveljevs RESOLVED in r58983. andris Thanks! Reviewed, accepted. |
Comment by Andris Mednis [ 2016 Mar 14 ] |
Fixed in versions:
No changes to documentation |
Comment by patrik uytterhoeven [ 2016 Mar 16 ] |
I had this same issue on RHEL 7.1 |
Comment by Atsushi Tanaka [ 2016 Mar 16 ] |
If you can not start in RHEL 7.1, it is because of another bug. Bug 1071171 - crash when linking libtspi and libmysqlclient [NEEDINFO] |
Comment by patrik uytterhoeven [ 2016 Mar 16 ] |
as you can see that's what i did |
Comment by Andris Mednis [ 2016 Mar 16 ] |
Added a note about disabling core dumps in documentation at https://www.zabbix.com/documentation/3.0/manual/installation/requirements#supported_platforms . sasha Thanks! CLOSED |
Comment by Tomas Jecha [ 2016 Aug 01 ] |
Workaround: yum clean all yum update selinux-policy.noarch selinux-policy-targeted.noarch |
Comment by patrik uytterhoeven [ 2016 Aug 01 ] |
yes a note was already added to the zabbix docs for this |