From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated.
 bcbcd15f64e90a077637af261bdf0f976f846c9a
Date: Tue, 06 Oct 2020 12:26:52 +0000
Message-ID: <4C5GtP0h6Yz2xVW@people01.haj.ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0302464535768511484=="
List-Id: <ipfire-scm.lists.ipfire.org>

--===============0302464535768511484==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  bcbcd15f64e90a077637af261bdf0f976f846c9a (commit)
       via  a9d90b1b3f76a76b96a169e91cf3902e4cc0835b (commit)
      from  42fca290334baba3bce7738577ae3d3401f4c6d6 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit bcbcd15f64e90a077637af261bdf0f976f846c9a
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Tue Oct 6 12:26:43 2020 +0000

    Revert "core152: Load changed /etc/sysctl.conf"
   =20
    This reverts commit b125988d3fe0e9f9ac231bf821e59365cf74f268.
   =20
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit a9d90b1b3f76a76b96a169e91cf3902e4cc0835b
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Tue Oct 6 12:26:26 2020 +0000

    Revert "sysctl.conf: prevent autoloading of TTY line disciplines"
   =20
    This reverts commit 14c65ab71ccbe3b0810ac6986d6ad02486f9f9a4.
   =20
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/etc/sysctl.conf                    | 4 ----
 config/rootfiles/core/152/filelists/files | 1 -
 config/rootfiles/core/152/update.sh       | 3 ---
 3 files changed, 8 deletions(-)

Difference in files:
diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf
index a100da8e9..be7c07c85 100644
--- a/config/etc/sysctl.conf
+++ b/config/etc/sysctl.conf
@@ -39,10 +39,6 @@ net.bridge.bridge-nf-call-ip6tables =3D 0
 net.bridge.bridge-nf-call-iptables =3D 0
 net.bridge.bridge-nf-call-arptables =3D 0
=20
-# Restrict loading TTY line disciplines to CAP_SYS_MODULE to prevent unprivi=
leged attackers
-# from loading vulnerable line disciplines with the TIOCSETD ioctl.
-dev.tty.ldisc_autoload =3D 0
-
 # Try to keep kernel address exposures out of various /proc files (kallsyms,=
 modules, etc).
 kernel.kptr_restrict =3D 2
=20
diff --git a/config/rootfiles/core/152/filelists/files b/config/rootfiles/cor=
e/152/filelists/files
index c72b45b05..0894d828f 100644
--- a/config/rootfiles/core/152/filelists/files
+++ b/config/rootfiles/core/152/filelists/files
@@ -1,4 +1,3 @@
 etc/system-release
 etc/issue
-etc/sysctl.conf
 srv/web/ipfire/cgi-bin/credits.cgi
diff --git a/config/rootfiles/core/152/update.sh b/config/rootfiles/core/152/=
update.sh
index 715fa5a7a..5a667aa36 100644
--- a/config/rootfiles/core/152/update.sh
+++ b/config/rootfiles/core/152/update.sh
@@ -49,9 +49,6 @@ ldconfig
=20
 # Start services
=20
-# Reload sysctl.conf
-sysctl -p
-
 # This update needs a reboot...
 #touch /var/run/need_reboot
=20


hooks/post-receive
--
IPFire 2.x development tree

--===============0302464535768511484==--