add sysctl configuration to remove every debugging capabilities
authorSofian Brabez <sbz@6dev.net>
Wed, 13 Apr 2016 20:24:25 +0000 (22:24 +0200)
committersbz <sbz@6dev.net>
Wed, 13 Apr 2016 20:24:25 +0000 (22:24 +0200)
disable_debug_sysctl.conf [new file with mode: 0644]

diff --git a/disable_debug_sysctl.conf b/disable_debug_sysctl.conf
new file mode 100644 (file)
index 0000000..7183f08
--- /dev/null
@@ -0,0 +1,30 @@
+kern.vt.kbd_debug=0
+debug.minidump=0
+debug.dircheck=0
+debug.dobkgrdwrite=0
+debug.vn_io_fault_enable=0
+debug.vfs_badlock_backtrace=0
+debug.vfs_badlock_print=0
+debug.vfs_badlock_mutex=0
+debug.vfs_badlock_ddb=0
+debug.vfscache=0
+debug.devfs_iosize_max_clamp=0
+debug.witness.skipspin=0 # loader.conf
+debug.witness.trace=0
+debug.witness.kdb=0
+debug.witness.watch=0
+debug.vmem_check=0
+debug.kassert.do_log=0
+debug.trace_on_panic=0
+debug.debugger_on_panic=0
+debug.adaptive_machine_arch=0
+debug.acpi.reset_clock=0
+debug.acpi.default_register_width=0 # loader.conf
+debug.acpi.interpreter_slack=0 # loader.conf
+debug.ddb.textdump.do_version=0
+debug.ddb.textdump.do_panic=0
+debug.ddb.textdump.do_msgbuf=0
+debug.ddb.textdump.do_ddb=0
+debug.ddb.textdump.do_config=0
+hw.syscons.kbd_debug=0
+security.bsd.unprivileged_proc_debug=0