On Aug 6, 2019, at 8:48 PM, Fred Smith <fredex@xxxxxxxxxxxxxxxxxxxxxx> wrote: > > Setting up as you described earlier, is there a way to allow only > a single program to drop core? Of course. The * in the limits.d file is a “domain” value you can adjust to suit: https://www.thegeekdiary.com/understanding-etc-security-limits-conf-file-to-set-ulimit/ You’d have to read the systemd docs to figure out the defaults for LimitCore, but I suspect you don’t get cores until you set this on a per-service basis. You can also adjust the sysctl pattern path to put cores somewhere secure. That’s the normal use of absolute paths: put the cores into a dropbox directory that only root can read but anyone can write to. Also, I should point out that my first step, removing ABRT, is a heavy-handed method. Maybe what you *actually* want to do is learn to cooperate with ABRT rather than rip it out entirely. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos