You are viewing documentation for version 1.15.x. The most current version is 1.19.x.  This documentation is available for 1.19.x.


Settings related to the Linux kernel (settings.kernel.*)

Setting list for settings.kernel

Full Reference


Sets the mode for the lockdown Linux security module.

Default: integrity except for nvidia and dev variant flavours which use none

Accepted values:
  • confidentiality : blocks most methods of reading kernel memory from userspace. Tools that rely on reading kernel memory may not work in this mode.
  • integrity : blocks most methods for overwriting kernel memory or modifying kernel code. This mode prevents unsigned kernel modules from loading.
  • none : disables protection by the Lockdown security module.
Also see: 


Allows (true) or disallows (false) the loading of kernel module <name>.

Accepted values:
  • true
  • false
allowed = false

allowed = true
apiclient set settings.kernel.modules.sctp.allowed=false

apiclient set settings.kernel.modules.udf.allowed=true


Sets kernel parameters.

"user.max_user_namespaces" = "16384"
"vm.max_map_count" = "262144"
Also see: