summaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorsajolida <sajolida@pimienta.org>2016-05-16 20:59:29 +0000
committersajolida <sajolida@pimienta.org>2016-05-16 20:59:29 +0000
commita380bd3f32479efd8e13ca65596696e474701bb1 (patch)
treed67a4e0aaa6a88f9320b4645426dcbda2427971f /config
parent33a1c1771be60be19795c2f64cc58353d233632d (diff)
parent98a18593f754a5511d4f59aab3e5f80754b90cac (diff)
Merge remote-tracking branch 'origin/devel' into feature/11075-remove-power-menu-entries
Diffstat (limited to 'config')
-rwxr-xr-xconfig/chroot_local-hooks/98-remove_unwanted_files5
-rw-r--r--config/chroot_local-includes/etc/sysctl.d/kptr_restrict.conf1
2 files changed, 6 insertions, 0 deletions
diff --git a/config/chroot_local-hooks/98-remove_unwanted_files b/config/chroot_local-hooks/98-remove_unwanted_files
index 030e03f..43433fb 100755
--- a/config/chroot_local-hooks/98-remove_unwanted_files
+++ b/config/chroot_local-hooks/98-remove_unwanted_files
@@ -30,3 +30,8 @@ find /etc/ssl/certs /etc/ssl/private |
fi
done
update-ca-certificates
+
+# Remove the kernel .map files which are only useful for kernel
+# debugging (and slightly make things easier for malware, perhaps) and
+# otherwise just occupy disk space.
+rm -f /boot/*.map /boot/*.map-*
diff --git a/config/chroot_local-includes/etc/sysctl.d/kptr_restrict.conf b/config/chroot_local-includes/etc/sysctl.d/kptr_restrict.conf
new file mode 100644
index 0000000..a1e18e8
--- /dev/null
+++ b/config/chroot_local-includes/etc/sysctl.d/kptr_restrict.conf
@@ -0,0 +1 @@
+kernel.kptr_restrict=2