sysctl.conf: include PID in file names of generated core dumps

This is recommended by various Linux hardening guides in order to
prevent accidential overwriting of existing core dumps. While it has
probably little to no relevance to the average IPFire user, enabling it
won't harm and fixes a Lynis warning. :-)

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf
index be7c07c857daafe58bbf67b11b4d026a54346a1a..c9b4c092af55df80e5555a386c54308912b56ecf 100644 (file)
--- a/config/etc/sysctl.conf
+++ b/config/etc/sysctl.conf
@@ -103,3 +103,6 @@ net.ipv4.tcp_fastopen = 3
 # This protects against various TCP attacks, such as DoS against or injection
 # of arbitrary segments into prematurely closed connections.
 net.ipv4.tcp_rfc1337 = 1
+
+# Include PID in file names of generated core dumps
+kernel.core_uses_pid = 1