Upgrade sysctls and docs on kernel panics

raja-grewal 2025-08-06 02:35:15 +00:00 committed by GitHub
parent c2690efcac
commit 45d20dd972
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 31 additions and 24 deletions

@ -12,12 +12,15 @@ if [ -f /usr/libexec/helper-scripts/pre.bsh ]; then
source /usr/libexec/helper-scripts/pre.bsh
fi
## Makes the kernel panic on oopses and warnings. This prevents the
## kernel from continuing to run a flawed processes. Many kernel
## exploits will also cause an oops, these settings will make the
## kernel kill the offending processes.
## Makes the kernel immediately panic on both oopses and warnings.
## This prevents the kernel from continuing to run a potentially
## flawed processes. Many kernel exploits will also cause an oops,
## these settings will make the kernel kill the offending processes.
sysctl kernel.oops_limit=1
sysctl kernel.warn_limit=1
## Makes the system immediately reboot on the occur occurrence of
## a single kernel panic. This is an extreme safety option which also
## creates a large opening for targeted denial of service attacks.
#sysctl kernel.panic=-1
sysctl kernel.panic_on_oops=1
sysctl kernel.panic_on_warn=1
#sysctl kernel.oops_limit=1
#sysctl kernel.warn_limit=1
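Review bot: The comment above kernel.panic_on_oops=1 and kernel.panic_on_warn=1 still ends with "these settings will make the kernel kill the offending processes", which contradicts its own first sentence: with these two settings a single oops or warning panics the whole kernel instead of killing one process. Suggest rewording the last sentence to say what actually happens (the system stops, or reboots if kernel.panic is set). There are two wording slips in the same comments: "a potentially flawed processes" and "on the occur occurrence of". The denial-of-service caveat is written only for the commented-out kernel.panic=-1, but panic_on_warn=1 already turns any warning an unprivileged user can trigger into a full stop, so the caveat is worth stating on the panic_on_* comment too. It would also help to say in a comment why kernel.oops_limit=1 and kernel.warn_limit=1 are kept commented out at the end, so readers know whether they are a fallback or dead lines.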