diff options
| author |   William Hubbs <williamh@gentoo.org> | 2020-02-09 19:47:40 -0600 |
|---|---|---|
| committer | William Hubbs <williamh@gentoo.org> | 2020-02-09 22:12:03 -0600 |
| commit | 14c91b2c9dc77d6fc81746b999b92187bd9cac82 (patch) | |
| tree | 296b85781136dc6f16094b2a130b85e9330139c1 | |
| parent | services: add domain-s (diff) | |
| download | baselayout-14c91b2c9dc77d6fc81746b999b92187bd9cac82.tar.gz baselayout-14c91b2c9dc77d6fc81746b999b92187bd9cac82.tar.bz2 baselayout-14c91b2c9dc77d6fc81746b999b92187bd9cac82.zip | |
enable protected_symlinks and protected_hardlinks by default
Bug: https://bugs.gentoo.org/704914
Signed-off-by: William Hubbs <williamh@gentoo.org>
| -rw-r--r-- | etc.Linux/sysctl.d/00protected-links.conf | 2 | ||||
| -rw-r--r-- | etc.Linux/sysctl.d/README | 15 |
2 files changed, 17 insertions, 0 deletions
diff --git a/etc.Linux/sysctl.d/00protected-links.conf b/etc.Linux/sysctl.d/00protected-links.conf new file mode 100644 index 00000000..5e4d7c6f --- /dev/null +++ b/etc.Linux/sysctl.d/00protected-links.conf @@ -0,0 +1,2 @@ +fs.protected_symlinks = 1 +fs.protected_hardlinks = 1 diff --git a/etc.Linux/sysctl.d/README b/etc.Linux/sysctl.d/README new file mode 100644 index 00000000..dc609ac9 --- /dev/null +++ b/etc.Linux/sysctl.d/README @@ -0,0 +1,15 @@ +For more information on how kernel parameter configuration works, please see +the manpages sysctl(8) and sysctl.conf(5). + +In order for this to work properly, you must first +enable 'Sysctl support' in the kernel. + +Look in /proc/sys/ for all the things you can setup. +sysctl processes files that end in *.conf in directories in the +following order before processing /etc/sysctl.conf. + +- /run/sysctl.d +- /etc/sysctl.d +- /usr/local/lib/sysctl.d +- /usr/lib/sysctl.d +- /lib/sysctl.d |