Re: another bizarre thing...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Aug 6, 2019, at 8:48 PM, Fred Smith <fredex@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> 
> Setting up as you described earlier, is there a way to allow only
> a single program to drop core?

Of course.

The * in the limits.d file is a “domain” value you can adjust to suit:

    https://www.thegeekdiary.com/understanding-etc-security-limits-conf-file-to-set-ulimit/

You’d have to read the systemd docs to figure out the defaults for LimitCore, but I suspect you don’t get cores until you set this on a per-service basis.

You can also adjust the sysctl pattern path to put cores somewhere secure.  That’s the normal use of absolute paths: put the cores into a dropbox directory that only root can read but anyone can write to.

Also, I should point out that my first step, removing ABRT, is a heavy-handed method. Maybe what you *actually* want to do is learn to cooperate with ABRT rather than rip it out entirely.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux