On Tue, Aug 06, 2019 at 09:02:37PM -0600, Warren Young wrote:
> On Aug 6, 2019, at 8:48 PM, Fred Smith <fre...@fcshome.stoneham.ma.us> wrote:
> >
> > Setting up as you described earlier, is there a way to allow only
> > a single program to drop core?
>
> Of course.
>
> The * in the limits.d file is a “domain” value you can adjust to suit:
>
>
> https://www.thegeekdiary.com/understanding-etc-security-limits-conf-file-to-set-ulimit/
>
> You’d have to read the systemd docs to figure out the defaults for LimitCore,
> but I suspect you don’t get cores until you set this on a per-service basis.
>
> You can also adjust the sysctl pattern path to put cores somewhere secure.
> That’s the normal use of absolute paths: put the cores into a dropbox
> directory that only root can read but anyone can write to.
>
> Also, I should point out that my first step, removing ABRT, is a heavy-handed
> method. Maybe what you *actually* want to do is learn to cooperate with ABRT
> rather than rip it out entirely.
how about "simply" disabling and stopping it?
--
---- Fred Smith -- fre...@fcshome.stoneham.ma.us -----------------------------
The eyes of the Lord are everywhere,
keeping watch on the wicked and the good.
----------------------------- Proverbs 15:3 (niv) -----------------------------
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
