Red Hat Bugzilla – Bug 801496
mkdumrd does not allow remote dumping if remote user has a restricted shell (rksh)
Last modified: 2015-02-08 16:37:51 EST
Description of problem:
The mkdumprd command creates an init script that doesn't work if the remote user that is being used to receive the dump is configured with a restricted shell (rksh) for one simple reason: Restricted shell forbids the use of redirection.
Version-Release number of selected component (if applicable):
Applicable for all versions of versions of kexec-tools shipped with RHEL
Configure kdump to dump vmcore via ssh, with the remote kdump user configured to use a restricted shell (rksh), and trigger a kernel panic
Dumping will fail since restricted shell forbids the use of redirection.
Dumping should work even if the remote user is configured with a restricted shell (rksh)
Created attachment 568738 [details]
Patch to allow network dumps when the remote use is in a restricted shell
This patch changes the mkdumprd command to use the tee command rather than classic redirection when cat'ing the dump to a file via SSH. It was tested with kexec-tools-1.102pre-126.el5_6.6.x86_64.
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release. Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products. This request is not yet committed for inclusion in
Created attachment 597202 [details]
use dd instead of cat in ssh vmcore saving
Same reason with rhel6 bug 801497, tee will create lots of output to stdout, so we will use "dd of=".
Backport the patch from rhel6
I uploaded rhel5 srpm and rpms to below url
Could you ask customer to test?
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.