Disable creation of debugger FIFO pipes

[salrashid123]

I need to run dotnet in a restricted container/sandbox where 'mknod' syscall is not available (among other syscalls)

However, dotnet always creates FIFO pipes for debuggers to attach to here in twowaypipe.cpp for both Debug and Release as described in this issue too: #https://github.com/dotnet/coreclr/issues/3182#issuecomment-200274440

I can tell mknod is created on linux by running strace: strace dotnet run project.json

mknod("/tmp/clr-debug-pipe-23567-3090990-in", S_IFIFO|0700) = 0
mknod("/tmp/clr-debug-pipe-23567-3090990-out", S_IFIFO|0700) = 0

An example of a restricted container/sandbox is running docker using its --secruity-opt flag and commenting out the syscalls in question from config:

docker run   -t --security-opt seccomp:default.json your_corclr_image

My feature request here is to add a flag to disable debugger creation of these pipes entirely.

I didn't observe other places where mknod was used but if there is also a way to disable that debugger pipes as part of build.sh for coreCLR, i can try that and then run it in docker with the mknod disabled to test (i.,e any pointers on what i should comment out in the source to prevent these pipes)

[jkotas]

cc @mikem8361

[mikem8361]

Not sure if we will get this in for 2.0. If you want to build coreclr without the debugging support/pipe creation, remove DEBUGGING_SUPPORTED defined from clrdefinitions.cmake. You may have to fix some build issues because building for xplat without this defined hasn't been tested.

[mikem8361]

We will probably add another environment variable to disable debugging (and pipe creation).

[mikem8361]

We are little hesitant to add an environment to disable debugging because it would be yet another cause for complains that debugging/launch/attach isn't working if it was set by mistake or started being used widespread.

[salrashid123]

You mean no environment variable but there would an explicit,clear command arg to disable this though (eg. dotnet --no-debug run or something like that).

(FWIW, i tried disabling the debugging_supported flag and recompiling. i got to about 33% of the way through but fixing the rest of the builds was a bit involved. I'm hoping 2.0.0 has someway to disable the pipe).

[mikem8361]

We could add a hosting API to disable debugging and modify the hosts like dotnet to have that option. It will take a little research and some coordination between the projects to make this happen. But a host command line option would be the "safest" way.

[lt72]

The hosting API seems the most flexible way to tackle this issue, although simply handling the failure gracefully could wok as well, and it would be easier to implement if there are no negative ramifications.

[sergiusens]

Hi, I want to add my two cents.

If seccomp is enabled, where the behavior today is a SIGKILL there is no easy way to handle the behaviour of a denial.

[jkotas]

Reverted in dotnet/coreclr#16007

[rayterrill]

Seeing A TON of what looks like debug info logged to /tmp, as well as INFORMATIONAL messages to the local syslog on Ubuntu16.04. Is this the same issue as above? Any way to disable this?

[mikem8361]

This issue is specifically about the pipes for managed debugging in /tmp. They are named something like “clr-debug-pipe-17206-65823754-out”, “clr-debug-pipe-17206-65823754-in” where 17206 is the process id and 65823754 is the process creation time.

I don’t know anything about the syslog messages.

[rayterrill]

I’m definitely seeing this - also seeing a GUID directory which appears to correspond to the PowerShell namespace get created, and then not get removed. Eventually it “fills up” /tmp to the point where nothing else can be created in that directory.

Showstopper for me. :(

[lt72]

Could you share some of the messages logged to /tmp and syslog that come from dotnet? it may help us understanding the origin of those messages.

[rayterrill]

Using "inotifywait -e create -m /tmp" to monitor /tmp:

Lauching "pwsh" generates messages like this into /tmp: /tmp/ CREATE clr-debug-pipe-1279-96230436-in /tmp/ CREATE clr-debug-pipe-1279-96230436-out

And this into syslog:

Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:1:10) [Perftrack_ConsoleStartupStart:PowershellConsoleStartup.WinStart.Informational] PowerShell console is starting up
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:6:11) [Provider_Lifecycle:ProviderStart.Method.Informational] Provider Alias changed state to Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = dotnet/coreclr#12        Runspace ID = dotnet/coreclr#12        Pipeline ID = dotnet/coreclr#12        Command Name = dotnet/coreclr#12        Command Type = dotnet/coreclr#12        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 1#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:6:11) [Provider_Lifecycle:ProviderStart.Method.Informational] Provider Environment changed state to Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = dotnet/coreclr#12        Runspace ID = dotnet/coreclr#12        Pipeline ID = dotnet/coreclr#12        Command Name = dotnet/coreclr#12        Command Type = dotnet/coreclr#12        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 2#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:6:11) [Provider_Lifecycle:ProviderStart.Method.Informational] Provider FileSystem changed state to Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = dotnet/coreclr#12        Runspace ID = dotnet/coreclr#12        Pipeline ID = dotnet/coreclr#12        Command Name = dotnet/coreclr#12        Command Type = dotnet/coreclr#12        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 3#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:6:11) [Provider_Lifecycle:ProviderStart.Method.Informational] Provider Function changed state to Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = dotnet/coreclr#12        Runspace ID = dotnet/coreclr#12        Pipeline ID = dotnet/coreclr#12        Command Name = dotnet/coreclr#12        Command Type = dotnet/coreclr#12        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 4#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:6:11) [Provider_Lifecycle:ProviderStart.Method.Informational] Provider Variable changed state to Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = dotnet/coreclr#12        Runspace ID = dotnet/coreclr#12        Pipeline ID = dotnet/coreclr#12        Command Name = dotnet/coreclr#12        Command Type = dotnet/coreclr#12        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 5#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:1:11) [Engine_Lifecycle:EngineStart.Method.Informational] Engine state changed from None to Available.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = dotnet/coreclr#12        Command Name = dotnet/coreclr#12        Command Type = dotnet/coreclr#12        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 6#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Command Import-Module is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 1#012        Command Name = Import-Module#012        Command Type = Cmdlet#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 7#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Command Out-Default is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 1#012        Command Name = Out-Default#012        Command Type = Cmdlet#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 8#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStop.Method.Informational] Command Import-Module is Stopped.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 1#012        Command Name = Import-Module#012        Command Type = Cmdlet#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 9#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStop.Method.Informational] Command Out-Default is Stopped.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 1#012        Command Name = Out-Default#012        Command Type = Cmdlet#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 10#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:1:10) [Perftrack_ConsoleStartupStop:PowershellConsoleStartup.WinStop.Informational] PowerShell console is ready for user input
Mar  5 11:35:16 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Script execution is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 2#012        Command Name = dotnet/coreclr#12        Command Type = Script#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 11#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Command prompt is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 2#012        Command Name = prompt#012        Command Type = Function#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 12#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStop.Method.Informational] Command prompt is Stopped.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 2#012        Command Name = prompt#012        Command Type = Function#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 13#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStop.Method.Informational] Script execution is Stopped.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 2#012        Command Name = dotnet/coreclr#12        Command Type = Script#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 14#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Command PSConsoleHostReadline is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 3#012        Command Name = PSConsoleHostReadline#012        Command Type = Function#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 15#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Command Set-StrictMode is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 3#012        Command Name = Set-StrictMode#012        Command Type = Cmdlet#012        Script Name = /opt/microsoft/powershell/6.0.1/Modules/PSReadLine/PSReadLine.psm1#012        Command Path = dotnet/coreclr#12        Sequence Number = 16#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStop.Method.Informational] Command Set-StrictMode is Stopped.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 3#012        Command Name = Set-StrictMode#012        Command Type = Cmdlet#012        Script Name = /opt/microsoft/powershell/6.0.1/Modules/PSReadLine/PSReadLine.psm1#012        Command Path = dotnet/coreclr#12        Sequence Number = 17#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Command Import-Module is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 5#012        Command Name = Import-Module#012        Command Type = Cmdlet#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 18#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStop.Method.Informational] Command Import-Module is Stopped.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 5#012        Command Name = Import-Module#012        Command Type = Cmdlet#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 19#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Command Get-Variable is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 4#012        Command Name = Get-Variable#012        Command Type = Cmdlet#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 20#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStop.Method.Informational] Command Get-Variable is Stopped.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 4#012        Command Name = Get-Variable#012        Command Type = Cmdlet#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 21#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStart.Method.Informational] Command prompt is Started.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 6#012        Command Name = prompt#012        Command Type = Function#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 22#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n
Mar  5 11:35:17 MYHOST powershell[4930]: (v6.0.1:9:11) [Command_Lifecycle:CommandStop.Method.Informational] Command prompt is Stopped.#012%n%nContext:%n        Severity = Informational#012        Host Name = ConsoleHost#012        Host Version = 6.0.1#012        Host ID = f85e018a-3700-4255-b508-c71bdb3b809d#012        Host Application = /opt/microsoft/powershell/6.0.1/pwsh.dll#012        Engine Version = 6.0.1#012        Runspace ID = 3ce268c9-c288-47d9-8b00-aff8c6154184#012        Pipeline ID = 6#012        Command Name = prompt#012        Command Type = Function#012        Script Name = dotnet/coreclr#12        Command Path = dotnet/coreclr#12        Sequence Number = 23#012        User = MYHOST\nagios#012        Connected User = dotnet/coreclr#12        Shell ID = Microsoft.PowerShell#012%n%nUser Data:%n%n

Even without interactively running anything via pwsh, I periodically get see debug pipes + GUID directories created in /tmp, like so:

/tmp/ CREATE clr-debug-pipe-9951-96248424-in
/tmp/ CREATE clr-debug-pipe-9951-96248424-out
/tmp/ CREATE,ISDIR 63b11b94-e868-42ea-96a2-5f3ae578fdcf

The GUID directories in particular are killing me. If I run enough scripts (say via a cron job), eventually there are enough GUID directories to hose up /tmp entirely.

Let me know what else I can provide. Happy to help troubleshoot.

[lt72]

Thank you. The debug messages in SysLog are from PowerShell. See here: https://github.com/PowerShell/PowerShell/blob/master/src/System.Management.Automation/utils/tracing/SysLogProvider.csNot sure why so many and if you can turn them off. You may want to open an issue at https://github.com/PowerShell/PowerShell.

The pipes though are definitely ours. @mikem8361: can you check why we are failign to clean the up?

[rayterrill]

Is the GUID directory coming from dotnet clr or PowerShell?

[lt72]

dotnet, but please Mike will confirm.

[mikem8361]

The runtime (coreclr) does it's best to clean up these pipes when a managed terminates. It can't clean up "kill" is used or if some 3rd party native code terminates. If you have a repeatable (simple) test case where these clr pipe's are left after powershell exits, please send it to me. Thanks.

The GUID directory and all the syslog's is all powershell and I don't know or have any control over it.

[mikem8361]

My PR dotnet/coreclr#16141 is blocked on an arm tizen problem.

[mikem8361]

See PR dotnet/coreclr#16141.

[darrenfurr]

This worked for us: https://github.com/dotnet/docs/issues/10217#issuecomment-462323277

[rishabsharma23]

@mikem8361 I set COMPlus_EnableDiagnostics = 0 to disable creation of pipes in tmp location . It works for Windows when I added COMPlus_EnableDiagnostics = 0 in the advance setting ->environment variable. But for MAC, when I added export COMPlus_EnableDiagnostics=0 in my bash_profile file ( so to add COMPlus_EnableDiagnostics as my MAC's environment variable), I still see pipe being formed. Note: COMPlusEnableDiagnostics=0 is visible when I do "printenv"_

My qn: 1) Is COMPlus_EnableDiagnostics specific for windows? If not, why it does not work for MAC when I added COMPlus_EnableDiagnostics in my MAC's environment variable?

2) What's the way to fix this pipe creation for MAC ?

[mikem8361]

How or where are you seeing the diagnostics pipes when the env var is set? I tried this on 3.1 and 5.0 and see no diagnostic pipes and dotnet-dump ps doesn't show the app. If you are looking in $TMPDIR there may be left over pipe, etc. files from previous runs.

[rishabsharma23]

@mikem8361 I will look into that for MAC. But also for Windows machine, only when I set environment variable as COMPlus_EnableDiagnostics=0, the pipe gets disabled. But ours is a windows service and we have let's say 20K endpoints/customers on which our service will run. Now, we can't say each endpoint to go change their Env variables. We're looking out for a way via MsBuildProperty or something so we ship COMPlus_EnableDiagnostics=0 along with our binaries.

I referred below documentation too:

https://docs.microsoft.com/en-us/dotnet/core/run-time-config/debugging-profiling

It only says COMPlus_EnableDiagnostics as Environment variable and no where mentioned about MSBuildProperty, so there is the dead end for us.

I also tried Environment.SetEnvironmentVariable("COMPlus_EnableDiagnostics", "0") in program start as well but that doesn't help because before this code could run, pipe diagnostics was already formed in temp folder of windows, hence failing the purpose. On my local, changing env variable worked just fine, but I can not ask all customers to do that- we are looking for way to ship COMPlus_EnableDiagnostics with our binaries . Can u please help?

[mikem8361]

Sorry, the only way to disable the diagnostics pipes, etc. is with an environment variable.

This env var works across all of our platforms and OSs: Windows, Linux and MacOS. Can you should me exactly the commands you use to export the env var and launch your app? It should be something like:

export COMPlus_EnableDiagnostics=0 
dotnet <path-to-app-dll>

[rishabsharma23]

@mikem8361 Yes I did use this export command but here the fundamental problem is different. I can use export command if only my machine was concerned. I am trying to ship my software to thousands of customer and want my service process not to show up in debug pipe. I achieved that for MAC by adding environment variable in my software's plist file and it worked successfully . But I am unable to do that for Windows, so trying to find here, how can I ship our software with export COMPlus_EnableDiagnostics=0 so our end user doesn't need to add this env variables on their own machines.

[mikem8361]

We are considering add a runtimeconfig.json property for this in our next release (6.0). I'm curious about the reasons you want to disable the diagnostics pipes, etc. because you lose any debugging, monitoring, counters and tracing support to diagnose your service.

[rishabsharma23]

@mikem8361 Will runtimeconfig.json change work for windows service too? I dont see runtimeconfig file in our code base, hence asking. Reason of disabling this to prevent malicious malware injection which can possibly take shape if diagnostics are enabled. Plus our customers dont need to have any debugging or tracing information, hence.