GRSEC and Varnish (FIXED)
bernard at frit.net
Tue Feb 9 14:55:22 CET 2010
Mark Moseley a écrit :
> Try putting "ulimit -c unlimited" in your varnishd rc file. I haven't
> needed to get a varnishd core file before, so maybe the devs might be
> able to advise if there's other steps necessary as well. There should
> also be some logs saying that it died (or at least that it restarted);
> dunno what your distro you're using, but in debian, those typically
> end up in /var/log/syslog.
No way to get a core file even with ulimit -c unlimited.
I use Gentoo and the kernel logs are in /var/log/kern.log
> You could tail varnishncsa to see if there's a common request where it
> seems to segfault at and if there is, you could attach to varnishd
> with "gdb /path/to/varnishd <pid of varnishd>" and try to trigger it.
> Then get the backtrace with 'bt'. But be aware that it'll bog it down
> dreadfully, so i wouldn't advise it in production.
I could not figure out any common request.
So I end up googling "gentoo varnish" and it appears that the Gentoo
team had released a varnish-2.0.4-r1 package and marked unstable
varnish-2.0.4 and 2.0.5 gentoo packages. So I installed the r1 package
yesterday and I didn't get any more segfault since I restarted varnishd.
Thanks for your help and best regards
More information about the varnish-misc