See bash(1) § SHELL BUILTIN COMMANDS or zshbuiltins(1) for details. etc/security/nf * hard core 0 Using ulimitĬommand-line shells such as bash or zsh provide a builtin ulimit command which can be used to report or set resource limits of the shell and the processes started by the shell. Setting it to zero disables core dumps entirely. The maximum core dump size for users logged in via PAM is enforced by nf. This method alone is usually sufficient to disable userspace core dumps, so long as no other programs enable automatic core dumps on the system, but the coredump is still generated in memory and systemd-coredump run. Note: Do not forget to include the section name, otherwise this option will be ignored: systemd-coredump: Assignment outside of section. systemd-coredump behavior can be overridden by creating a configuration snippet in the /etc/systemd// directory with the following content : It generates core dumps for all processes in /var/lib/systemd/coredump. Systemd's default behavior is defined in /usr/lib/sysctl.d/nf, which sets re_pattern to call systemd-coredump. To apply the setting immediately, use sysctl: Sysctl can be used to set the re_pattern to nothing to disable core dump handling. Security: core dumps, although typically readable only by root, may contain sensitive data (such as passwords or cryptographic keys), which are written to disk following a crash.Disk space: core dumps of memory-heavy processes may consume disk space equal to, if not greater, than the process's memory footprint if not compressed.Performance: generating core dumps for memory-heavy processes can waste system resources and delay the cleanup of memory.
Users may wish to disable automatic core dumps for a number of reasons: