Generate core dump for a process run by sudo

Question

To my /etc/security/limits.conf I add the following lines and rebooted:

root            soft    core            unlimited
*               soft    core            unlimited

Now core dumps are generated under my user and under sudo su. And in both cases ulimit -a shows me the desired:

core file size              (blocks, -c) unlimited

But when under my user I run sudo bash -c "ulimit -a" I get:

core file size              (blocks, -c) 0

and core dumps for processes run with sudo and destroyed e.g. by SIGSEGV are not generated at /var/lib/apport/coredump/. This command also does not help: sudo bash -c "ulimit -c unlimited".

What can be done? Could you, please explain, why the core dump limit for sudo is different than that of root? I expected that when I run sudo bash -c "ulimit -a" I would get values for root. Thank you.

Answer 1

# cat  /etc/sudoers.d/mysudoers
Defaults rlimit_core=default

The answer was found here:

https://superuser.com/questions/1733614/how-to-configure-core-dumps-ulimit-c-from-within-sudo-within-docker

The explanation:

https://manpages.ubuntu.com/manpages/jammy/en/man5/sudoers.5.html :

Resource limits ... The one exception to this is the core dump file size, which is set by sudoers to 0 by default. Disabling core dumps by default makes it possible to avoid potential security problems where the core file is treated as trusted input.

Also, note that it's crucial to make kill -11 $mypid, where the pid is that of ./myapp, rather than its parent process sudo ./myapp. Note: 11 is SIGSEGV.