Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-05-06 21:54:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

usrmerge

Browse source 
fixes https://github.com/Kicksecure/security-misc/issues/190
This commit is contained in:
Patrick Schleizer 2024-01-17 13:39:56 -05:00
parent 18a06935e0
commit 0efee2f50f
No known key found for this signature in database
GPG key ID: CB8D50BB77BB3C48
27 changed files with 65 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

21
usr/lib/systemd/system/harden-module-loading.service Normal file
View file

@ -0,0 +1,21 @@
[Unit]
Description=Disable the loading of additional modules after systemd-modules-load.service
Documentation=https://github.com/Kicksecure/security-misc
DefaultDependencies=no
Before=sysinit.target
Requires=local-fs.target
Requires=systemd-modules-load.service
After=local-fs.target
After=systemd-modules-load.service
# This functionality is implemented with this and not directly in the sysctl config is
# to allow systemd-modules-load.service to load the modules with no problem but
# to disallow anyone else do the same after the system boots up.
[Service]
Type=oneshot
ExecStart=/usr/libexec/security-misc/disable-kernel-module-loading
[Install]
WantedBy=sysinit.target