Commit 83081013f6fb73b7d02eee38dec24843547d880c - kali-defaults

Merge branch 'sysctl-settings' into 'kali/master' Add two sysctl settings Closes #12 See merge request kalilinux/packages/kali-defaults!11 Raphaël Hertzog 1 year, 4 months ago

7 changed file(s) with 51 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all

-0

README less more

9	9
10	10	The package also diverts some files when the configuration system
11	11	does not offer something better.
	12
	13	sysctl settings
	14	---------------
	15
	16	When adding or removing a setting, make sure that the name
	17	starts with '50-kali-defaults-', since the postinst script
	18	relies on this convention to reload the settings.

-0

debian/kali-defaults.install less more

25	25	pulseaudio/kali_pulseaudio.conf usr/lib/systemd/user/pulseaudio.service.d/
26	26	pulseaudio/kali_pulseaudio.socket.conf usr/lib/systemd/user/pulseaudio.socket.d/
27	27	samba/smb.conf usr/share/samba/
	28	sysctl/* usr/lib/sysctl.d/
28	29	systemd/* lib/systemd/
29	30	usr/* usr/

-0

debian/kali-defaults.postinst less more

187	187	# /etc/systemd/network/* changes
188	188	dpkg-trigger --no-await update-initramfs
189	189	fi
	190
	191	# Apply kernel sysctl settings
	192	if [ -x /lib/systemd/systemd-sysctl ]; then
	193	for file in /usr/lib/sysctl.d/50-kali-defaults-*.conf; do
	194	/lib/systemd/systemd-sysctl $(basename $file) \|\| true
	195	done
	196	fi
190	197	fi
191	198
192	199	# dh_installdeb will replace this with shell code automatically

-0

debian/tests/control less more

	0	# non-privileged users should be able to run dmesg
	1	Test-Command: dmesg >/dev/null
	2	Restrictions: isolation-machine
	3
	4	# non-privileged users should be able to open any ports
	5	Tests: unprivileged-ports
	6	Restrictions: isolation-machine
	7	Depends: netcat-traditional

+12

-0

debian/tests/unprivileged-ports less more

	0	#!/bin/sh
	1
	2	# port must be < 1024
	3	port=123
	4
	5	echo foobar \| timeout 1 netcat -l -p $port
	6	rc=$?
	7
	8	# if the command timed out, it means success
	9	if test $rc -eq 124; then rc=0; fi
	10
	11	exit $rc

-0

sysctl/50-kali-defaults-dmesg.conf less more

	0	# This file is part of kali-defaults.
	1	#
	2	# If the setting(s) in this file are not desirable, do NOT
	3	# modify this file. Instead, start 'kali-tweaks' in a
	4	# terminal and change the setting from there.
	5
	6	# Allow unprivileged users to run dmesg.
	7	kernel.dmesg_restrict = 0

-0

sysctl/50-kali-defaults-unprivileged-ports.conf less more

	0	# This file is part of kali-defaults.
	1	#
	2	# If the setting(s) in this file are not desirable, do NOT
	3	# modify this file. Instead, start 'kali-tweaks' in a
	4	# terminal and change the setting from there.
	5
	6	# Disable privileged ports.
	7	net.ipv4.ip_unprivileged_port_start = 0