aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2018-06-07 10:52:32 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2018-06-07 12:38:18 +0000
commit0655da328034c0de4ba88ea54613347b906da77e (patch)
tree221012164019752d486c15dfb64bb73dde3ca623
parentdeb396b0df2cef3994cc0de1623028d1c79b5b6c (diff)
downloadalpine_aports-0655da328034c0de4ba88ea54613347b906da77e.tar.bz2
alpine_aports-0655da328034c0de4ba88ea54613347b906da77e.tar.xz
alpine_aports-0655da328034c0de4ba88ea54613347b906da77e.zip
main/alpine-baselayout: enable ipv6 and sysrq by default
- enable ipv6 by default and fix the sysctl keys for ipv6 - add ::1 entry in /etc/hosts - remove sysrq entry again
Diffstat
-rw-r--r--main/alpine-baselayout/APKBUILD20
1 files changed, 10 insertions, 10 deletions
diff --git a/main/alpine-baselayout/APKBUILD b/main/alpine-baselayout/APKBUILD
index 2e1a8673a2..2f8f896a38 100644
--- a/main/alpine-baselayout/APKBUILD
+++ b/main/alpine-baselayout/APKBUILD
@@ -1,7 +1,7 @@
1# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net> 1# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
2# Maintainer: Natanael Copa <ncopa@alpinelinux.org> 2# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
3pkgname=alpine-baselayout 3pkgname=alpine-baselayout
4pkgver=3.0.6 4pkgver=3.1.0
5pkgrel=0 5pkgrel=0
6pkgdesc="Alpine base dir structure and init scripts" 6pkgdesc="Alpine base dir structure and init scripts"
7url="https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout" 7url="https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout"
@@ -120,15 +120,19 @@ package() {
120 120
121 echo "UTC" > "$pkgdir"/etc/TZ 121 echo "UTC" > "$pkgdir"/etc/TZ
122 echo "localhost" > "$pkgdir"/etc/hostname 122 echo "localhost" > "$pkgdir"/etc/hostname
123 echo "127.0.0.1 localhost localhost.localdomain" > "$pkgdir"/etc/hosts 123 cat > "$pkgdir"/etc/hosts <<-EOF
124 echo "af_packet" >"$pkgdir"/etc/modules 124 127.0.0.1 localhost localhost.localdomain
125 125 ::1 localhost localhost.localdomain
126 EOF
127 cat > "$pkgdir"/etc/modules <<-EOF
128 af_packet
129 ipv6
130 EOF
126 cat > "$pkgdir"/etc/shells <<-EOF 131 cat > "$pkgdir"/etc/shells <<-EOF
127 # valid login shells 132 # valid login shells
128 /bin/sh 133 /bin/sh
129 /bin/ash 134 /bin/ash
130 EOF 135 EOF
131
132 cat > "$pkgdir"/etc/motd <<-EOF 136 cat > "$pkgdir"/etc/motd <<-EOF
133 Welcome to Alpine! 137 Welcome to Alpine!
134 138
@@ -160,11 +164,10 @@ package() {
160 net.ipv4.conf.all.accept_redirects = 0 164 net.ipv4.conf.all.accept_redirects = 0
161 net.ipv4.conf.all.secure_redirects = 1 165 net.ipv4.conf.all.secure_redirects = 1
162 net.ipv6.conf.all.accept_redirects = 0 166 net.ipv6.conf.all.accept_redirects = 0
163 net.ipv6.conf.all.secure_redirects = 1
164 167
165 # The source routing feature includes some known vulnerabilities. 168 # The source routing feature includes some known vulnerabilities.
166 net.ipv4.conf.all.accept_source_route = 0 169 net.ipv4.conf.all.accept_source_route = 0
167 net.ipv6.conf.all.accept_source-route = 0 170 net.ipv6.conf.all.accept_source_route = 0
168 171
169 # See RFC 1337 172 # See RFC 1337
170 net.ipv4.tcp_rfc1337 = 1 173 net.ipv4.tcp_rfc1337 = 1
@@ -176,9 +179,6 @@ package() {
176 # Restarts computer after 120 seconds after kernel panic 179 # Restarts computer after 120 seconds after kernel panic
177 kernel.panic = 120 180 kernel.panic = 120
178 181
179 ## Disable magic-sysrq key
180 kernel.sysrq = 0
181
182 # Users should not be able to create soft or hard links to files 182 # Users should not be able to create soft or hard links to files
183 # which they do not own. This mitigates several privilege 183 # which they do not own. This mitigates several privilege
184 # escalation vulnerabilities. 184 # escalation vulnerabilities.
© 2015 Mike Crute