From 13189e2683e7549e0df78c0ec46ec59060cadc27 Mon Sep 17 00:00:00 2001 From: Mikhail Chusavitin Date: Wed, 18 Mar 2026 23:56:42 +0300 Subject: [PATCH] fix(iso): pet hardware watchdog via systemd RuntimeWatchdogSec=30s MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Without a keepalive the kernel watchdog timer expires and reboots the host mid-audit. Configuring RuntimeWatchdogSec lets systemd PID 1 reset /dev/watchdog every 30 s — well within the typical 60 s timeout. Co-Authored-By: Claude Sonnet 4.6 --- iso/overlay/etc/systemd/system.conf.d/watchdog.conf | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 iso/overlay/etc/systemd/system.conf.d/watchdog.conf diff --git a/iso/overlay/etc/systemd/system.conf.d/watchdog.conf b/iso/overlay/etc/systemd/system.conf.d/watchdog.conf new file mode 100644 index 0000000..b83ea66 --- /dev/null +++ b/iso/overlay/etc/systemd/system.conf.d/watchdog.conf @@ -0,0 +1,4 @@ +[Manager] +# Pet the hardware watchdog every 30s so the host doesn't reboot mid-audit. +# Kernel watchdog timeout is typically 60s; 30s gives a safe 2× margin. +RuntimeWatchdogSec=30s