diff --git a/roles/hardening-basic/defaults/main.yml b/roles/hardening-basic/defaults/main.yml index 8437d8f..9c909d5 100644 --- a/roles/hardening-basic/defaults/main.yml +++ b/roles/hardening-basic/defaults/main.yml @@ -7,7 +7,7 @@ hardening_sshd_tcp_forward: false hardening_sshd_legal_banner: false hardening_sshd_permissions_set_sticky_bit: true -hardening_sysctl_vm_swappiness: 15 +hardening_sysctl_vm_swappiness: 0 hardening_sysctl_disable_ipv6: false hardening_modprobe_disable_list: diff --git a/roles/hardening-basic/templates/basic/etc/sysctl.d/50-coredump.conf b/roles/hardening-basic/templates/basic/etc/sysctl.d/50-coredump.conf new file mode 100644 index 0000000..33ce3bc --- /dev/null +++ b/roles/hardening-basic/templates/basic/etc/sysctl.d/50-coredump.conf @@ -0,0 +1 @@ +kernel.core_pattern=|/bin/false