diff options
| -rw-r--r-- | manifests/subsystem/grsec.pp | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/manifests/subsystem/grsec.pp b/manifests/subsystem/grsec.pp index 185454f..9cc8ba6 100644 --- a/manifests/subsystem/grsec.pp +++ b/manifests/subsystem/grsec.pp @@ -1,11 +1,18 @@ class nodo::subsystem::grsec { include nodo::utils::security::grsec + nodo::subsystem::sysctl::entry { 'kernel.grsecurity.grsec_lock': + order => 'zz', + value => 1, + } + nodo::subsystem::sysctl::entry { 'kernel.grsecurity.rwxmap_logging': + order => 'xx', value => 0, } - nodo::subsystem::sysctl::entry { 'kernel.grsecurity.grsec_lock': - value => 1, + # Old configs + file { [ '/etc/sysctl.d/kernel.grsecurity.rwxmap_logging.conf', '/etc/sysctl.d/kernel.grsecurity.grsec_lock.conf' ]: + ensure => absent, } } |