24 lines
851 B
Text
24 lines
851 B
Text
# This action will speed up your boot and shutdown, because one less module is loaded. Additionally disabling watchdog timers increases performance and lowers power consumption
|
|
# Disable NMI watchdog
|
|
kernel.nmi_watchdog = 0
|
|
|
|
# Enable the sysctl setting kernel.unprivileged_userns_clone to allow normal users to run unprivileged containers.
|
|
kernel.unprivileged_userns_clone = 1
|
|
|
|
# To hide any kernel messages from the console
|
|
kernel.printk = 3 3 3 3
|
|
|
|
# Restricting access to kernel pointers in the proc filesystem
|
|
kernel.kptr_restrict = 2
|
|
|
|
# Disable Kexec, which allows replacing the current running kernel.
|
|
kernel.kexec_load_disabled = 1
|
|
|
|
# Set the maximum watches on files
|
|
fs.inotify.max_user_watches = 524288
|
|
|
|
# Set size of file handles and inode cache
|
|
fs.file-max = 2097152
|
|
|
|
# Increase writeback interval for xfs
|
|
fs.xfs.xfssyncd_centisecs = 10000
|