diff options
Diffstat (limited to 'manifests/subsystem/sysctl.pp')
-rw-r--r-- | manifests/subsystem/sysctl.pp | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/manifests/subsystem/sysctl.pp b/manifests/subsystem/sysctl.pp index 4329010..1f2cfda 100644 --- a/manifests/subsystem/sysctl.pp +++ b/manifests/subsystem/sysctl.pp @@ -1,6 +1,7 @@ class nodo::subsystem::sysctl { class { 'nodo::subsystem::sysctl::disable_ipv6': } class { 'nodo::subsystem::sysctl::tcp_challenge_ack_limit': } + class { 'nodo::subsystem::sysctl::unprivileged_bpf_disabled': } # Root exploit fix, see http://wiki.debian.org/mmap_min_addr # Maybe this can be remove in the future or included in a sysctl puppet module |