mirror of
https://github.com/Kicksecure/security-misc.git
synced 2025-11-27 16:40:53 -05:00
30 lines
1.2 KiB
Bash
Executable file
30 lines
1.2 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
|
|
## See the file COPYING for copying conditions.
|
|
|
|
set -e
|
|
|
|
if [ -f /usr/libexec/helper-scripts/pre.bsh ]; then
|
|
## pre.bsh would `source` the following folders:
|
|
## /etc/panic-on-oops_pre.d/*.conf
|
|
## /usr/local/etc/panic-on-oops_pre.d/*.conf
|
|
source /usr/libexec/helper-scripts/pre.bsh
|
|
fi
|
|
|
|
## Makes the kernel immediately panic on both oopses and warnings.
|
|
## These settings force a full system crash rather than continuing
|
|
## to run after an inconsistent state is triggered by a potentially
|
|
## flawed processes. The reasons for the errors could be kernel
|
|
## exploit attempts but may also simply be general software bugs.
|
|
##
|
|
## https://docs.kernel.org/admin-guide/sysctl/kernel.html#oops-limit
|
|
sysctl kernel.oops_limit=1
|
|
## https://docs.kernel.org/admin-guide/sysctl/kernel.html#warn-limit
|
|
sysctl kernel.warn_limit=1
|
|
|
|
## Makes the system immediately reboot on the occurrence of a single
|
|
## kernel panic. This reduces the risk and impact of denial of
|
|
## service attacks and both cold and warm boot attacks.
|
|
## https://docs.kernel.org/admin-guide/sysctl/kernel.html#panic
|
|
sysctl kernel.panic=-1
|