net.ipv6.conf.default.accept_ra #56
Comments
|
Ah, great catch! One more to add to the test-suite. Thank you @igoraj ! A PR is very welcome :) |
|
@arlimus i've checked spec/classes/sysctl_spec.rb but it seems there is no checking for net.ipv6.conf.all.accept_ra so i didn't add any for net.ipv6.conf.default.accept_ra either. does it even make sense to put those inside as there is no ability to change them through some param? |
arlimus
added a commit
that referenced
this issue
May 27, 2015
add net.ipv6.conf.default.accept_ra. closes #56
|
Good catch, as you said, if there's no paramter to change it (at the moment), we can leave it out of local specs. However we run all our repos through serverspec tests, to make sure parameters are actually set at the end of everything. Looking through the code, |
arlimus
added a commit
to dev-sec/linux-baseline
that referenced
this issue
May 28, 2015
This was uncovered by @igoraj at dev-sec/puppet-os-hardening#56 .
arlimus
added a commit
to dev-sec/linux-baseline
that referenced
this issue
Oct 15, 2015
This was uncovered by @igoraj at dev-sec/puppet-os-hardening#56 .
arlimus
added a commit
to dev-sec/linux-baseline
that referenced
this issue
Oct 15, 2015
This was uncovered by @igoraj at dev-sec/puppet-os-hardening#56 .
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I just wanted to check if there is some special reason why this module only sets
accept_raon 'all', but not also on 'default'?https://github.com/hardening-io/puppet-os-hardening/blob/master/manifests/sysctl.pp#L66-67
I can submit PR for this.
The text was updated successfully, but these errors were encountered: