Linux Disable Core Dumps

Only software developers legitimately need to access core files and none of my production web server requires a core dump. How do I disable core dumps on Debian / CentOS / RHEL / Fedora Linux to save large amounts of disk space?

A core dump file is the memory image of an executable program when it was terminated by the operating system due to various error behavior.

ADVERTISEMENTS

Disable Core Dumps

To disable core dumps for all users, open /etc/security/limits.conf, enter:
# vi /etc/security/limits.conf
Make sure the following config directive exists:

* hard core 0

Save and close the file. Once a hard limit is set in /etc/security/limits.conf, the user cannot increase that limit within his own session. Add fs.suid_dumpable = 0 to /etc/sysctl.conf file:
# echo 'fs.suid_dumpable = 0' >> /etc/sysctl.conf
# sysctl -p

This will make sure that core dumps can never be made by setuid programs. Finally, add the following to /etc/profile to set a soft limit to stop the creation of core dump files for all users (which is default and must be disabled):
# echo 'ulimit -S -c 0 > /dev/null 2>&1' >> /etc/profile

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
8 comments… add one
  • valqk Feb 27, 2009 @ 17:01

    Hmmz,
    as far as I can remember in 2.6.X cores are disabled by default?
    No? At least I haven’t got any cores for many years.
    in fbsd you can disable them:
    sysctl kern.coredump=0

  • Gili Mar 2, 2009 @ 11:46

    I believe that the proper way is to have signal handling.
    This wauy you can report the problems and avoid core.
    Letting the system crash and ignoring cores will probably prevent fixing the problems.

  • Matt Apr 6, 2010 @ 12:49

    on SLES : ‘kernel.suid_dumpable = 0’

  • derp Nov 2, 2011 @ 12:37

    Hi,

    I know this is very old, but I thought I’d comment here for those who may see this thread in the future; On production servers, it is still good security practice to keep core dumps turned on. Someone attempted to exploit a service may cause a core dump (if they get something wrong), and this core can then be investigated to see whether this is the case.

  • Mr. Jan Hearthstone Feb 2, 2013 @ 22:33

    Thank you!
    HS

  • Mr. Jan Hearthstone Jul 4, 2013 @ 8:15

    I followed the steps and all was fine for a while; I would just get a warning of a segmentation fault having happened, or such similar, instead of being told that a core dump was made …
    But now I started getting the core dumps again.
    ?? Obviously something changed …
    Thanks, Hearthstone.

  • Koosha Dec 24, 2014 @ 9:42

    Have a look at “/etc/systemd/coredump.conf”
    and
    `man coredump.conf`

  • TOBIN JOSEPH TOMY May 29, 2016 @ 7:19

    use ulimit -c 0….

    Thi is the command to disable core dump/core file…

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.