I was reading the CIS CentOS Linux 7 Benchmark v.2.2.0, section-1.5.1(Ensure core dumps are restricted). Its remediation sections says:
Add the following line to /etc/security/limits.conf or a /etc/security/limits.d/* file:
- hard core 0
I have a remediation script to achieve the same (got from github). Its contents are :
echo "hard core 0" >> /etc/security/limits.d/CIS.conf
echo "fs.suid_dumpable = 0" >> /etc/sysctl.d/CIS.conf
My question is -> Why is the script adding the lines in CIS.conf. I know it is not a system conf file. So how does the OS know to read this conf file? Is it that the OS reads from all conf files present under the /etc/sysctl.d/ path?