| 1 |
commit: 14c91b2c9dc77d6fc81746b999b92187bd9cac82 |
| 2 |
Author: William Hubbs <williamh <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Mon Feb 10 01:47:40 2020 +0000 |
| 4 |
Commit: William Hubbs <williamh <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Mon Feb 10 04:12:03 2020 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/baselayout.git/commit/?id=14c91b2c |
| 7 |
|
| 8 |
enable protected_symlinks and protected_hardlinks by default |
| 9 |
|
| 10 |
Bug: https://bugs.gentoo.org/704914 |
| 11 |
Signed-off-by: William Hubbs <williamh <AT> gentoo.org> |
| 12 |
|
| 13 |
etc.Linux/sysctl.d/00protected-links.conf | 2 ++ |
| 14 |
etc.Linux/sysctl.d/README | 15 +++++++++++++++ |
| 15 |
2 files changed, 17 insertions(+) |
| 16 |
|
| 17 |
diff --git a/etc.Linux/sysctl.d/00protected-links.conf b/etc.Linux/sysctl.d/00protected-links.conf |
| 18 |
new file mode 100644 |
| 19 |
index 00000000..5e4d7c6f |
| 20 |
--- /dev/null |
| 21 |
+++ b/etc.Linux/sysctl.d/00protected-links.conf |
| 22 |
@@ -0,0 +1,2 @@ |
| 23 |
+fs.protected_symlinks = 1 |
| 24 |
+fs.protected_hardlinks = 1 |
| 25 |
|
| 26 |
diff --git a/etc.Linux/sysctl.d/README b/etc.Linux/sysctl.d/README |
| 27 |
new file mode 100644 |
| 28 |
index 00000000..dc609ac9 |
| 29 |
--- /dev/null |
| 30 |
+++ b/etc.Linux/sysctl.d/README |
| 31 |
@@ -0,0 +1,15 @@ |
| 32 |
+For more information on how kernel parameter configuration works, please see |
| 33 |
+the manpages sysctl(8) and sysctl.conf(5). |
| 34 |
+ |
| 35 |
+In order for this to work properly, you must first |
| 36 |
+enable 'Sysctl support' in the kernel. |
| 37 |
+ |
| 38 |
+Look in /proc/sys/ for all the things you can setup. |
| 39 |
+sysctl processes files that end in *.conf in directories in the |
| 40 |
+following order before processing /etc/sysctl.conf. |
| 41 |
+ |
| 42 |
+- /run/sysctl.d |
| 43 |
+- /etc/sysctl.d |
| 44 |
+- /usr/local/lib/sysctl.d |
| 45 |
+- /usr/lib/sysctl.d |
| 46 |
+- /lib/sysctl.d |
Archives