Thank you. Merged.

> On 5 May 2020, at 21:19, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> This backports 29a8992b7228771fb2cfc68679596598fb01105a into IPFire 3.x
> 
> Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
> ---
> setup/setup.nm                     | 2 +-
> setup/sysctl/kernel-hardening.conf | 4 ++++
> 2 files changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/setup/setup.nm b/setup/setup.nm
> index 09d94e23d..cc8454bfa 100644
> --- a/setup/setup.nm
> +++ b/setup/setup.nm
> @@ -5,7 +5,7 @@
> 
> name       = setup
> version    = 3.0
> -release    = 14
> +release    = 15
> arch       = noarch
> 
> groups     = Base Build System/Base
> diff --git a/setup/sysctl/kernel-hardening.conf b/setup/sysctl/kernel-hardening.conf
> index 33e096c7c..d92485d61 100644
> --- a/setup/sysctl/kernel-hardening.conf
> +++ b/setup/sysctl/kernel-hardening.conf
> @@ -7,3 +7,7 @@ kernel.dmesg_restrict = 1
> # Improve KASLR effectiveness for mmap.
> vm.mmap_rnd_bits = 32
> vm.mmap_rnd_compat_bits = 16
> +
> +# Turn on hard- and symlink protection
> +fs.protected_symlinks = 1
> +fs.protected_hardlinks = 1
> -- 
> 2.26.1