[CentOS] another bizarre thing...

Wed Aug 7 16:59:03 UTC 2019
Fred Smith <fredex at fcshome.stoneham.ma.us>

On Tue, Aug 06, 2019 at 09:02:37PM -0600, Warren Young wrote:
> On Aug 6, 2019, at 8:48 PM, Fred Smith <fredex at fcshome.stoneham.ma.us> wrote:
> > 
> > Setting up as you described earlier, is there a way to allow only
> > a single program to drop core?
> Of course.
> The * in the limits.d file is a “domain” value you can adjust to suit:
>     https://www.thegeekdiary.com/understanding-etc-security-limits-conf-file-to-set-ulimit/
> You’d have to read the systemd docs to figure out the defaults for LimitCore, but I suspect you don’t get cores until you set this on a per-service basis.
> You can also adjust the sysctl pattern path to put cores somewhere secure.  That’s the normal use of absolute paths: put the cores into a dropbox directory that only root can read but anyone can write to.
> Also, I should point out that my first step, removing ABRT, is a heavy-handed method. Maybe what you *actually* want to do is learn to cooperate with ABRT rather than rip it out entirely.

how about "simply" disabling and stopping it?

---- Fred Smith -- fredex at fcshome.stoneham.ma.us -----------------------------
                      The eyes of the Lord are everywhere, 
                    keeping watch on the wicked and the good.
----------------------------- Proverbs 15:3 (niv) -----------------------------