How to disable core dumps on Debian 8

server-crashes systemd debian-jessie

I pretend I've already tried everything out there, but my Debian 8 keeps creating core dumps when something crashes. It's happening about once or twice in a month. It's a production server for a few websites, with packaged Apache 2.4, php5-fpm and mysql. I suspect it's php5-fpm crashing because I get the dump file in the DocumentRoot folder. The file I get is named "core" and it is somewhere in the order of gigabytes in size.

Here is what I've already done to disable core dumps, without success:

ln -s /dev/null /etc/systemd/coredump.conf

and then rebooted. No dice.

echo '*               hard    core    0' >> /etc/security/limits.conf
echo "fs.suid_dumpable = 0" >> /etc/sysctl.conf
sysctl -p

and then rebooted. Still no dice. I've NOT set kernel.suid_dumpable to 0, because I found it later but when I found it I also read that zero is its default. These settings should not make any difference anyway, because php5-fpm is not setuid. The same goes for Apache and mysql, just in case it's not php5-fpm crashing.

For the time being there is a script that looks for core dumps and deletes them. Crontab does the rest, but it is not the best solution.

How do I globally and unconditionally disable core dumps in Debian 8?


After Michael Hampton's comment to the Froggiz' answer, I noticed that Debian seems to lack a coredump.conf manpage, so I've looked for it on the internet and found it. That manpage contains a lot of useful informations and I wonder why Debian ships without it (maybe Debian is shipping without the whole systemd-coredump thing?).

However from that manpage and the systemd-coredump manpage it seems that the core files I get do not come from systemd, because systemd puts them in /var/lib/systemd/coredump or in the journal depending on the Storage option, but never in the working directory of the crashed process. Moreover the systemd-coredump manpage (also missing in Debian) says that for the core dump functionality to work, you need to configure the kernel.core_pattern sysctl parameter to make the kernel actually hand the core dump to systemd-coredump.

I've then looked at Debian value for kernel.core_pattern: Debian comes with that parameter set to "core" by default, which happens to be exactly the name of the core dump files I get.

I now suppose that setting 

kernel.core_pattern=|/bin/true

(or /bin/false for that matter) in sysctl.conf as per the core(5) manpage will solve the problem.

I'm going to evetually accept my answer in a few weeks if I notice the server stops creating core files. I'm sorry I can't accept Michael's comment as answer, but many thanks to him for pointing me in what I believe is the right direction.

EDIT: I've found here a way to test the configuration without having to wait for a spontaneous crash and I confirm this is the correct answer.


You can try this : https://wiki.archlinux.org/index.php/Systemd#Disabling_application_crash_dumps_journaling

Disabling application crash dumps journaling Edit the file /etc/systemd/coredump.conf by adding this line: Storage=none

and run: systemctl daemon-reload to reload the configuration.

Related

How to log all queries to Outlook Web Access (msexchange 2010)
LVM thin snapshot unavailable
How to find directory containing specific files or directories?
What's the definition and difference between provision and bootstrap?
What does Amazon SES free tier mean? Why am I charged?
Connect to openvpn management interface on unix domain socket
Server 2012 R2 - how to delete a file that is "open in System"?
Upgrade cURL to latest on CentOS 5.8
Input/output error when attempting to mount a Windows NFS share
Can only some machines on a network have a public IP addresses?
Clonezilla restore MBR disk to 4TB disk (convert to GPT) -- LINUX (not Windows!)
Equivalent to checkrestart for CentOS?