kernel hardening settings #61
Description
Following suse hardening guides:
- https://ranchermanager.docs.rancher.com/reference-guides/rancher-security/hardening-guides/rke2-hardening-guide#set-kernel-parameters
- https://docs.k3s.io/security/hardening-guide#ensure-protect-kernel-defaults-is-set
related settings:
vm.panic_on_oom=0
vm.overcommit_memory=1
kernel.panic=10
kernel.panic_on_oops=1
bosh vm sysctl
vm.panic_on_oom = 0
vm.overcommit_memory = 1
kernel.panic = 10
kernel.panic_on_oops = 1
...
kernel.hardlockup_panic = 0
kernel.hung_task_panic = 0
kernel.max_rcu_stall_to_panic = 0
kernel.panic_on_io_nmi = 0
kernel.panic_on_rcu_stall = 0
kernel.panic_on_unrecovered_nmi = 0
kernel.panic_on_warn = 0
kernel.panic_print = 0
kernel.softlockup_panic = 0
kernel.unknown_nmi_panic = 0