Created on 09-30-2016 08:38 AM Edited on 04-20-2022 12:47 PM By Anonymous
Description
After 3.7.4, we stop core dumping since it consumes HDD space too much.
But, if you need to have core dump, please use following steps.
1. Verify current core dump settings.
ulimit -c
If return value is “0”, core dump is disabled.
“Unlimited”, core dump is enabled with unlimited size.
cat /proc/sys/kernel/core_pattern
This command shows destination of core file. Default value “%e.core.sig%s.pid%p” or “core”.
2. Change core dump destination
Make sure /data/core directory is owned by admin.
Then, refer to the related KB article "How to change coredump destinations on AO".
3. Change core dump destination (cnt.)
The destination setting will be gone after rebooting VA. For avoiding it, additional step is required.
Edit /opt/phoenix/config/sys/etc/etc_sysctl.conf.el5x64 and etc_sysctl.conf.el5x32
Change following line
kernel.core_pattern = %e.core.sig%s.pid%p
to
kernel.core_pattern = /data/core/%e.core.sig%s.pid%p
4. Enable core dump
Edit /opt/phoenix/bin/.bashrc
Comment out “ulimit -c 0” and remove # from “#ulimit -S -c unlimited > /dev/null 2>&1”
Edit /root/.bashrc
Add “ulimit -c unlimited > /dev/null 2>&1” into end of file.
5. Reboot
6. Verify core dumping
kill -ABRT pid
Related Articles
Technical Note: [Accelops KB] How to change coredump destinations on AO - INTERNAL
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.