Kernel Crash Dumps

This article explains how to capture the kernel crash dumps (kdump). Kdumps are produced by kernel panic or lockup. To be simple, just a single kernel is used both for the ordinary system and recovery. The described method is almost distribution independent.

This article is based on KDump on Gentoo by (a Gentoo developer), and the first version is posted by the author.

Kernel
Activate the following kernel options:

Emerge
Install :

local.d script
Create containing:

When using an initramfs, a reference to it will need passed as a parameter. For example:

Now make this file executable:

Note the kernel has to be readable. A typical Gentoo configuration leaves unmounted, so either remove noauto from the fstab file or place a copy of the kernel in a place that is mounted during a crash.

Bootloader
Add the  argument to the kernel command-line via the bootloader (most likely GRUB2) for systems with up to around 12 GB of RAM.

Usage
First, run the above script:

It loads the rescue kernel image which is run after kernel crash.

Whenever a kernel panic or lockup (hard/soft if the kernel is set to detect them) occurs, runs the kernel in crash mode, relocated to a reserved area of memory. The rest of RAM will be untouched. When the system boots up log in and copy to a file - this is the crash dump. Then reboot the system to get back to a normal configuration; the system might not be stable and should not continue to operate in this state.

A kernel panic can be forced on demand by executing the following command (do not forget to save all data, log-out other users, and leave the filesystems in a clean state by the invocation of the command before doing this):

External resources

 * Linux Kernel Crash Book