Red "warning" 'hard/soft' configuration in /etc/security/limits.conf [ ENABLED ] #1703

@slrslr

$ lynis show version
3.1.4
$ lsb_release -d
Description: Debian GNU/Linux 13 (trixie)

The kernel section "warning" in the red font:

Image

I have the hard and soft limit set in /etc/security/limits.d/123-openfileslimit.conf

* soft nofile 10000
* hard nofile 100000

and the file /etc/security/limits.conf lines are all commented out:
grep -v "#" /etc/security/limits.conf

The red/warning font suggests attention is needed, but as a layman I do not think that attention is needed, and it should not behave like this by default? I would expect orange text and the correct file, 123-openfileslimit.conf, displayed instead of /etc/security/limits.conf?

Searching "limits.d":
https://github.com/search?q=repo%3ACISOfy%2Flynis%20limits.d&type=code

UPDATE:
The Lynis output may have confused me; instead, it may have some relation to a coredump configuration in:
sudo nano /etc/security/limits.d/coredump

*               soft    core            0
root            soft    core            0
*               hard    core            infinity
root            hard    core            infinity

caused the following output of "sudo lynis audit system --tests KRNL-5820":

[+] Kernel

  • Checking core dumps configuration
    • configuration in systemd conf files [ DEFAULT ]
    • configuration in /etc/profile [ DEFAULT ]
    • 'hard' configuration in /etc/security/limits.conf [ ENABLED ]
    • 'soft' configuration in /etc/security/limits.conf [ DISABLED ]
    • Checking setuid core dumps configuration [ PROTECTED ]

and:

*               soft    core            0
*               hard    core            0

caused:

[+] Kernel

  • Checking core dumps configuration
    • configuration in systemd conf files [ DEFAULT ]
    • configuration in /etc/profile [ DEFAULT ]
    • 'hard' configuration in /etc/security/limits.conf [ DISABLED ]
    • 'soft' configuration in /etc/security/limits.conf [ DISABLED ]
    • Checking setuid core dumps configuration [ PROTECTED ]

ENABLED = RED, DISABLED = GREEN

In other words, the output should specify the correct file so it is not confusing.
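
An added example, not part of the original issue and not Lynis code: a POSIX shell helper that lists every `core` entry in `limits.conf` and `limits.d/` with the file and line that set it, so an `[ ENABLED ]` result can be traced to its source. The function names and the temporary sample tree (constructed from the lines quoted in the issue) are assumptions.

```shell
#!/bin/sh
# Added example (not Lynis code). core_limits, core_enabled and demo_tree are
# hypothetical names. Lists every "core" entry under <root>/etc/security with the
# file and line that sets it. Every regular file in limits.d is read, because the
# file in the issue is named "coredump" (no .conf suffix).

core_limits() {
    root="${1:-}"
    for f in "$root/etc/security/limits.conf" "$root"/etc/security/limits.d/*; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            /^[ \t]*#/ || NF < 4 { next }   # comments, blank and short lines
            $3 == "core" {
                state = ($4 == "0") ? "DISABLED" : "ENABLED"
                printf "%s:%d domain=%s type=%s value=%s %s\n", file, NR, $1, $2, $4, state
            }' "$f"
    done
}

# Succeeds (status 0) when at least one entry leaves core dumps enabled.
core_enabled() {
    core_limits "$1" | grep -q ' ENABLED$'
}

# Constructed sample tree mirroring the files quoted in the issue.
demo_tree() {
    t=$(mktemp -d) && mkdir -p "$t/etc/security/limits.d" || return 1
    printf '#*  soft  core  0\n' > "$t/etc/security/limits.conf"
    printf '* soft nofile 10000\n* hard nofile 100000\n' \
        > "$t/etc/security/limits.d/123-openfileslimit.conf"
    printf '%s\n' '*    soft core 0' 'root soft core 0' \
        '*    hard core infinity' 'root hard core infinity' \
        > "$t/etc/security/limits.d/coredump"
    echo "$t"
}

tree=$(demo_tree)
core_limits "$tree"
core_enabled "$tree" && echo "core dumps enabled by at least one entry"
rm -rf "$tree"
```

Call `core_limits` with no argument to scan the live `/etc/security`. pam_limits(8) documents that it reads only `*.conf` files from `limits.d`, so a hit in a file without that suffix shows what a scanner of the directory sees rather than what PAM applies.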
