aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2018-06-07 10:52:32 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2018-06-07 12:38:18 +0000
commit0655da328034c0de4ba88ea54613347b906da77e (patch)
tree221012164019752d486c15dfb64bb73dde3ca623
parentdeb396b0df2cef3994cc0de1623028d1c79b5b6c (diff)
downloadaports-0655da328034c0de4ba88ea54613347b906da77e.tar.bz2
aports-0655da328034c0de4ba88ea54613347b906da77e.tar.xz
main/alpine-baselayout: enable ipv6 and sysrq by default
- enable ipv6 by default and fix the sysctl keys for ipv6 - add ::1 entry in /etc/hosts - remove sysrq entry again
-rw-r--r--main/alpine-baselayout/APKBUILD20
1 files changed, 10 insertions, 10 deletions
diff --git a/main/alpine-baselayout/APKBUILD b/main/alpine-baselayout/APKBUILD
index 2e1a8673a2..2f8f896a38 100644
--- a/main/alpine-baselayout/APKBUILD
+++ b/main/alpine-baselayout/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=alpine-baselayout
-pkgver=3.0.6
+pkgver=3.1.0
pkgrel=0
pkgdesc="Alpine base dir structure and init scripts"
url="https://git.alpinelinux.org/cgit/aports/tree/main/alpine-baselayout"
@@ -120,15 +120,19 @@ package() {
echo "UTC" > "$pkgdir"/etc/TZ
echo "localhost" > "$pkgdir"/etc/hostname
- echo "127.0.0.1 localhost localhost.localdomain" > "$pkgdir"/etc/hosts
- echo "af_packet" >"$pkgdir"/etc/modules
-
+ cat > "$pkgdir"/etc/hosts <<-EOF
+ 127.0.0.1 localhost localhost.localdomain
+ ::1 localhost localhost.localdomain
+ EOF
+ cat > "$pkgdir"/etc/modules <<-EOF
+ af_packet
+ ipv6
+ EOF
cat > "$pkgdir"/etc/shells <<-EOF
# valid login shells
/bin/sh
/bin/ash
EOF
-
cat > "$pkgdir"/etc/motd <<-EOF
Welcome to Alpine!
@@ -160,11 +164,10 @@ package() {
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 1
net.ipv6.conf.all.accept_redirects = 0
- net.ipv6.conf.all.secure_redirects = 1
# The source routing feature includes some known vulnerabilities.
net.ipv4.conf.all.accept_source_route = 0
- net.ipv6.conf.all.accept_source-route = 0
+ net.ipv6.conf.all.accept_source_route = 0
# See RFC 1337
net.ipv4.tcp_rfc1337 = 1
@@ -176,9 +179,6 @@ package() {
# Restarts computer after 120 seconds after kernel panic
kernel.panic = 120
- ## Disable magic-sysrq key
- kernel.sysrq = 0
-
# Users should not be able to create soft or hard links to files
# which they do not own. This mitigates several privilege
# escalation vulnerabilities.