'[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 10dd2afd6d339247e5c918f53d1a7fcb'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfire-scm
Subject:    [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 10dd2afd6d339247e5c918f53d1a7fcb
From:       Arne Fitzenreiter <git () ipfire ! org>
Date:       2019-08-08 11:23:42
Message-ID: 20190808112343.5F88160AEB () people01 ! haj ! ipfire ! org
[Download RAW message or body]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  10dd2afd6d339247e5c918f53d1a7fcbb5c43ddb (commit)
      from  c0f4a530348101f7f75b4282471a1388fa1622e8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 10dd2afd6d339247e5c918f53d1a7fcbb5c43ddb
Author: Arne Fitzenreiter <arne_f@ipfire.org>
Date:   Thu Aug 8 09:30:49 2019 +0200

    sysctl: add seperate sysctl-x86_64.conf and move x86_64 only parameters
    
    Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/etc/sysctl-x86_64.conf                            |  3 +++
 config/etc/sysctl.conf                                   |  4 ----
 config/rootfiles/common/stage2                           |  1 +
 config/rootfiles/common/x86_64/stage2                    |  1 +
 config/rootfiles/core/135/filelists/files                |  1 +
 config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64 |  1 +
 src/initscripts/system/sysctl                            | 12 ++++++++++++
 7 files changed, 19 insertions(+), 4 deletions(-)
 create mode 100644 config/etc/sysctl-x86_64.conf
 create mode 100644 config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64

Difference in files:

diff --git a/config/etc/sysctl-x86_64.conf b/config/etc/sysctl-x86_64.conf
new file mode 100644
index 000000000..7384bed51
--- /dev/null
+++ b/config/etc/sysctl-x86_64.conf
@@ -0,0 +1,3 @@
+# Improve KASLR effectiveness for mmap
+vm.mmap_rnd_bits = 32
+vm.mmap_rnd_compat_bits = 16
diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf
index 5a67f1795..9a943fffa 100644
--- a/config/etc/sysctl.conf
+++ b/config/etc/sysctl.conf
@@ -45,10 +45,6 @@ kernel.kptr_restrict = 2
 # Avoid kernel memory address exposures via dmesg.
 kernel.dmesg_restrict = 1
 
-# Improve KASLR effectiveness for mmap
-vm.mmap_rnd_bits = 32
-vm.mmap_rnd_compat_bits = 16
-
 # Minimal preemption granularity for CPU-bound tasks:
 # (default: 1 msec#  (1 + ilog(ncpus)), units: nanoseconds)
 kernel.sched_min_granularity_ns = 10000000
diff --git a/config/rootfiles/common/stage2 b/config/rootfiles/common/stage2
index 5999609ed..5b213c8de 100644
--- a/config/rootfiles/common/stage2
+++ b/config/rootfiles/common/stage2
@@ -42,6 +42,7 @@ etc/profile.d/umask.sh
 etc/resolv.conf
 etc/securetty
 etc/sysctl.conf
+#etc/sysctl-x86_64.conf
 etc/syslog.conf
 etc/system-release
 #home
diff --git a/config/rootfiles/common/x86_64/stage2 \
b/config/rootfiles/common/x86_64/stage2 index 576d3f77b..5734b4542 100644
--- a/config/rootfiles/common/x86_64/stage2
+++ b/config/rootfiles/common/x86_64/stage2
@@ -42,6 +42,7 @@ etc/profile.d/umask.sh
 etc/resolv.conf
 etc/securetty
 etc/sysctl.conf
+etc/sysctl-x86_64.conf
 etc/syslog.conf
 etc/system-release
 #home
diff --git a/config/rootfiles/core/135/filelists/files \
b/config/rootfiles/core/135/filelists/files index ec616e917..4c5fdce6c 100644
--- a/config/rootfiles/core/135/filelists/files
+++ b/config/rootfiles/core/135/filelists/files
@@ -9,6 +9,7 @@ etc/rc.d/init.d/functions
 etc/rc.d/init.d/leds
 etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
 etc/rc.d/init.d/partresize
+etc/rc.d/init.d/sysctl
 etc/rc.d/init.d/unbound
 etc/sysctl.conf
 usr/sbin/setup
diff --git a/config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64 \
b/config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64 new file mode 100644
index 000000000..0a9fd8a87
--- /dev/null
+++ b/config/rootfiles/core/135/filelists/x86_64/sysctl-x86_64
@@ -0,0 +1 @@
+etc/sysctl-x86_64.conf
diff --git a/src/initscripts/system/sysctl b/src/initscripts/system/sysctl
index 0d0b5c1b3..296d589c5 100644
--- a/src/initscripts/system/sysctl
+++ b/src/initscripts/system/sysctl
@@ -24,6 +24,18 @@ case "${1}" in
 			sysctl -q -p
 			evaluate_retval
 		fi
+		arch=`uname -m`
+		case "${arch}" in
+			i?86 )	arch="i586";
+				;;
+			armv*)	arch="armv5tel":
+				;;
+		esac
+		if [ -f "/etc/sysctl-${arch}.conf" ]; then
+			boot_mesg "Setting ${arch}-kernel runtime parameters..."
+			sysctl -q -p /etc/sysctl-${arch}.conf
+			evaluate_retval
+		fi
 		;;
 
 	status)


hooks/post-receive
--
IPFire 2.x development tree
_______________________________________________
IPFire-SCM mailing list
IPFire-SCM@lists.ipfire.org
https://lists.ipfire.org/mailman/listinfo/ipfire-scm


[prev in list] [next in list] [prev in thread] [next in thread] 
