diff options
| -rw-r--r-- | manifests/subsystem/sysctl/unprivileged_bpf_disabled.pp | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/manifests/subsystem/sysctl/unprivileged_bpf_disabled.pp b/manifests/subsystem/sysctl/unprivileged_bpf_disabled.pp new file mode 100644 index 0000000..f82bfc9 --- /dev/null +++ b/manifests/subsystem/sysctl/unprivileged_bpf_disabled.pp @@ -0,0 +1,6 @@ +# See https://www.debian.org/security/2017/dsa-4073 +class nodo::subsystem::sysctl::unprivileged_bpf_disabled() { + nodo::subsystem::sysctl::entry { 'kernel.unprivileged_bpf_disabled': + value => '1', + } +} |