Merge pull request #13 from madaidan/patch-9

Remove System.map and restrict the SysRq key.
This commit is contained in:
Patrick Schleizer 2019-06-28 06:58:32 +00:00 committed by GitHub
commit 5e02100e34
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 25 additions and 0 deletions

2
etc/sysctl.d/sysrq.conf Normal file
View File

@ -0,0 +1,2 @@
# Allow only rebooting/shutting down with the SysRq key.
kernel.sysrq=128

View File

@ -0,0 +1,9 @@
[Unit]
Description=Removes the System.map files
[Service]
Type=oneshot
ExecStart=/usr/lib/security-misc/remove-system.map
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,14 @@
#!/bin/bash
## Copyright (C) 2012 - 2018 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
## See the file COPYING for copying conditions.
shopt -s nullglob
# Removes the System.map files as they are only used for debugging or malware.
for filename in /boot/System.map-*
do
if [ -f "${filename}" ]; then
rm -f "${filename}"
fi
done