From: Michael Tremer <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. bcbcd15f64e90a077637af261bdf0f976f846c9a
Date: Tue, 06 Oct 2020 12:26:52 +0000 [thread overview]
Message-ID: <4C5GtP0h6Yz2xVW@people01.haj.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 3050 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via bcbcd15f64e90a077637af261bdf0f976f846c9a (commit)
via a9d90b1b3f76a76b96a169e91cf3902e4cc0835b (commit)
from 42fca290334baba3bce7738577ae3d3401f4c6d6 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bcbcd15f64e90a077637af261bdf0f976f846c9a
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Oct 6 12:26:43 2020 +0000
Revert "core152: Load changed /etc/sysctl.conf"
This reverts commit b125988d3fe0e9f9ac231bf821e59365cf74f268.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a9d90b1b3f76a76b96a169e91cf3902e4cc0835b
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Tue Oct 6 12:26:26 2020 +0000
Revert "sysctl.conf: prevent autoloading of TTY line disciplines"
This reverts commit 14c65ab71ccbe3b0810ac6986d6ad02486f9f9a4.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/etc/sysctl.conf | 4 ----
config/rootfiles/core/152/filelists/files | 1 -
config/rootfiles/core/152/update.sh | 3 ---
3 files changed, 8 deletions(-)
Difference in files:
diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf
index a100da8e9..be7c07c85 100644
--- a/config/etc/sysctl.conf
+++ b/config/etc/sysctl.conf
@@ -39,10 +39,6 @@ net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
-# Restrict loading TTY line disciplines to CAP_SYS_MODULE to prevent unprivileged attackers
-# from loading vulnerable line disciplines with the TIOCSETD ioctl.
-dev.tty.ldisc_autoload = 0
-
# Try to keep kernel address exposures out of various /proc files (kallsyms, modules, etc).
kernel.kptr_restrict = 2
diff --git a/config/rootfiles/core/152/filelists/files b/config/rootfiles/core/152/filelists/files
index c72b45b05..0894d828f 100644
--- a/config/rootfiles/core/152/filelists/files
+++ b/config/rootfiles/core/152/filelists/files
@@ -1,4 +1,3 @@
etc/system-release
etc/issue
-etc/sysctl.conf
srv/web/ipfire/cgi-bin/credits.cgi
diff --git a/config/rootfiles/core/152/update.sh b/config/rootfiles/core/152/update.sh
index 715fa5a7a..5a667aa36 100644
--- a/config/rootfiles/core/152/update.sh
+++ b/config/rootfiles/core/152/update.sh
@@ -49,9 +49,6 @@ ldconfig
# Start services
-# Reload sysctl.conf
-sysctl -p
-
# This update needs a reboot...
#touch /var/run/need_reboot
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2020-10-06 12:26 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4C5GtP0h6Yz2xVW@people01.haj.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox