Disable core dumps in #Linux

By | December 11, 2019

Systemd doesn’t completely control whether core dumps are made or not. It mainly determine where such dumps go, and whether they should take up space or not. It may prevent some user space core dumps, but not all.
With “Storage=none”, they can still occur and are registered by journald, but they don’t take up disk space.

Turning them off completely is mainly done by “ulimit”. The subject is IMHO badly documented and somewhat confusing since you have to take user privileges into account, and that some subsystems can override other subsystems defaults.

Here is what I did:
in:
/etc/systemd/system.conf
DumpCore=no
#This can be overridden: AFAIK, only pertains to systemd units

in:
/etc/systemd/coredump.conf
Storage=none
#Core dumps are still made and registered in the journal, but not placed on disk.

Also in:
/etc/security/limits.conf

#
* hard core 0

The above should prevent core dumps, and since it is a “hard” limits, non-root programs can’t override it, though I suspect that kernel cmd line parameters and therefore systemd can still override it.

As I understand it, the above is equivalent to the old method of placing “ulimit -c 0” or “ulimit -H -c 0” in “$HOME/.bashrc” but works globally, not just on the logged in user.

There may still be some loopholes left that can generate core dumps, but the above should cover most cases.

A reboot is the easy way to ensure everything is working properly after setting the above.

Advertisements

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.