diff --git a/doc/configuration.txt b/doc/configuration.txt index 05ca6db14..adba26802 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -1141,22 +1141,23 @@ setenv set-dumpable This option is better left disabled by default and enabled only upon a - developer's request. It has no impact on performance nor stability but will - try hard to re-enable core dumps that were possibly disabled by file size - limitations (ulimit -f), core size limitations (ulimit -c), or "dumpability" - of a process after changing its UID/GID (such as /proc/sys/fs/suid_dumpable - on Linux). Core dumps might still be limited by the current directory's - permissions (check what directory the file is started from), the chroot - directory's permission (it may be needed to temporarily disable the chroot - directive or to move it to a dedicated writable location), or any other - system-specific constraint. For example, some Linux flavours are notorious - for replacing the default core file with a path to an executable not even - installed on the system (check /proc/sys/kernel/core_pattern). Often, simply - writing "core", "core.%p" or "/var/log/core/core.%p" addresses the issue. - When trying to enable this option waiting for a rare issue to re-appear, it's - often a good idea to first try to obtain such a dump by issuing, for example, - "kill -11" to the haproxy process and verify that it leaves a core where - expected when dying. + developer's request. If it has been enabled, it may still be forcibly + disabled by prefixing it with the "no" keyword. It has no impact on + performance nor stability but will try hard to re-enable core dumps that were + possibly disabled by file size limitations (ulimit -f), core size limitations + (ulimit -c), or "dumpability" of a process after changing its UID/GID (such + as /proc/sys/fs/suid_dumpable on Linux). Core dumps might still be limited by + the current directory's permissions (check what directory the file is started + from), the chroot directory's permission (it may be needed to temporarily + disable the chroot directive or to move it to a dedicated writable location), + or any other system-specific constraint. For example, some Linux flavours are + notorious for replacing the default core file with a path to an executable + not even installed on the system (check /proc/sys/kernel/core_pattern). Often, + simply writing "core", "core.%p" or "/var/log/core/core.%p" addresses the + issue. When trying to enable this option waiting for a rare issue to + re-appear, it's often a good idea to first try to obtain such a dump by + issuing, for example, "kill -11" to the haproxy process and verify that it + leaves a core where expected when dying. ssl-default-bind-ciphers This setting is only available when support for OpenSSL was built in. It sets diff --git a/src/cfgparse.c b/src/cfgparse.c index a621b5d51..0cad16ba8 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -2147,9 +2147,12 @@ int readcfgfile(const char *file) args[arg] = args[arg+1]; // shift args after inversion } - if (kwm != KWM_STD && strcmp(args[0], "option") != 0 && \ - strcmp(args[0], "log") != 0 && strcmp(args[0], "busy-polling")) { - ha_alert("parsing [%s:%d]: negation/default currently supported only for options, log, and busy-polling.\n", file, linenum); + if (kwm != KWM_STD && strcmp(args[0], "option") != 0 && + strcmp(args[0], "log") != 0 && strcmp(args[0], "busy-polling") != 0 && + strcmp(args[0], "set-dumpable") != 0) { + ha_alert("parsing [%s:%d]: negation/default currently " + "supported only for options, log, busy-polling and " + "set-dumpable.\n", file, linenum); err_code |= ERR_ALERT | ERR_FATAL; }