Merge branch 'sysctl-settings' into 'kali/master'
Add two sysctl settings
Closes #12
See merge request kalilinux/packages/kali-defaults!11
Raphaƫl Hertzog
1 year, 4 months ago
9 | 9 |
|
10 | 10 |
The package also diverts some files when the configuration system
|
11 | 11 |
does not offer something better.
|
|
12 |
|
|
13 |
sysctl settings
|
|
14 |
---------------
|
|
15 |
|
|
16 |
When adding or removing a setting, make sure that the name
|
|
17 |
starts with '50-kali-defaults-', since the postinst script
|
|
18 |
relies on this convention to reload the settings.
|
25 | 25 |
pulseaudio/kali_pulseaudio.conf usr/lib/systemd/user/pulseaudio.service.d/
|
26 | 26 |
pulseaudio/kali_pulseaudio.socket.conf usr/lib/systemd/user/pulseaudio.socket.d/
|
27 | 27 |
samba/smb.conf usr/share/samba/
|
|
28 |
sysctl/* usr/lib/sysctl.d/
|
28 | 29 |
systemd/* lib/systemd/
|
29 | 30 |
usr/* usr/
|
187 | 187 |
# /etc/systemd/network/* changes
|
188 | 188 |
dpkg-trigger --no-await update-initramfs
|
189 | 189 |
fi
|
|
190 |
|
|
191 |
# Apply kernel sysctl settings
|
|
192 |
if [ -x /lib/systemd/systemd-sysctl ]; then
|
|
193 |
for file in /usr/lib/sysctl.d/50-kali-defaults-*.conf; do
|
|
194 |
/lib/systemd/systemd-sysctl $(basename $file) || true
|
|
195 |
done
|
|
196 |
fi
|
190 | 197 |
fi
|
191 | 198 |
|
192 | 199 |
# dh_installdeb will replace this with shell code automatically
|
|
0 |
# non-privileged users should be able to run dmesg
|
|
1 |
Test-Command: dmesg >/dev/null
|
|
2 |
Restrictions: isolation-machine
|
|
3 |
|
|
4 |
# non-privileged users should be able to open any ports
|
|
5 |
Tests: unprivileged-ports
|
|
6 |
Restrictions: isolation-machine
|
|
7 |
Depends: netcat-traditional
|
|
0 |
#!/bin/sh
|
|
1 |
|
|
2 |
# port must be < 1024
|
|
3 |
port=123
|
|
4 |
|
|
5 |
echo foobar | timeout 1 netcat -l -p $port
|
|
6 |
rc=$?
|
|
7 |
|
|
8 |
# if the command timed out, it means success
|
|
9 |
if test $rc -eq 124; then rc=0; fi
|
|
10 |
|
|
11 |
exit $rc
|
|
0 |
# This file is part of kali-defaults.
|
|
1 |
#
|
|
2 |
# If the setting(s) in this file are not desirable, do NOT
|
|
3 |
# modify this file. Instead, start 'kali-tweaks' in a
|
|
4 |
# terminal and change the setting from there.
|
|
5 |
|
|
6 |
# Allow unprivileged users to run dmesg.
|
|
7 |
kernel.dmesg_restrict = 0
|
|
0 |
# This file is part of kali-defaults.
|
|
1 |
#
|
|
2 |
# If the setting(s) in this file are not desirable, do NOT
|
|
3 |
# modify this file. Instead, start 'kali-tweaks' in a
|
|
4 |
# terminal and change the setting from there.
|
|
5 |
|
|
6 |
# Disable privileged ports.
|
|
7 |
net.ipv4.ip_unprivileged_port_start = 0
|