-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exploratory debug symbols & core dump analysis for Agent (RPM) #23452
Comments
Redhat based distros do not generate core dump when a process is killed using the kill command. To achieve the desired result we leveraged a recently discovered bug described in #23354. We replicated the issue (steps described in this comment) and set up a 4.9 manager for the agent to connect and thus a core dump was generated. The whole test had to be restarted to ensure the instructions given in the documentation part of the issue are accurate. |
In CentOS core dumps are not generated by kill -9 commands but are generated for kill -11, making it unnecessary to use an existing but like the one mentioned in the previous comment. Also, the core dump configuration steps differ from Ubuntu systems. Final test completed:1- Cloned wazuh/wazuh repository:
2- Installed dependencies:
3- Generated rpm packages:
4- Installed the manager and debug symbols:
5- Restarted Wazuh:6- Enabled and configured coredump:
7- Select and kill Wazuh processes. Check for core dump generation:8- Gdb output (core dump files were renamed for readability): |
@jotacarma90 will check if the debug symbols are uploaded to s3 |
After fixing the workflow for DEB Agent, the workflow for RPM Agent fails. But it fails using master branch too so there is some external issue. Workflow fail on master branch: |
Description
This issue aims to make a exploratory session of current #9913 phase 1 development for the Agent instance of the RPM package.
Verifications should be performed on the following issues to check end to end the process from generation of symbols to core dump analysis with them.
These verifications must be performed by a different collaborator than the originally assigned to the issue, and a full detail of procedures, logs and results must be provided.
Evidence of success must be provided as well.
Goals
DoD
Approval
DRI Name: @ncvicchi
Objective: Generate debug symbols
The text was updated successfully, but these errors were encountered: