vyatta-cfg-system.git/sysconf, branch debian/0.17.76

Enable putting core files /var/core

2010-07-14T22:31:30+00:00

For serviceablity put core files in /var/core. But core file will still not be created unless process is running with permission to write there, and has ulimit permission.

Touch file before setting capability

2010-07-01T20:36:26+00:00

Unionfs should copyup the xattr automatically, but it doesn't so use touch to force a copyup before setting attributes.

Fix path to ipset

2010-06-21T04:18:49+00:00

Don't need audit write on vbash

2010-06-17T21:45:17+00:00

Not using auditing for command logging.

Remove capability from ping

2010-06-16T17:43:45+00:00

Ping is already setuid root.

Add pam_cap capability configuration

2010-06-04T21:09:56+00:00

Set file capability attributes

2010-06-04T21:09:51+00:00

This sets file capability attributes during package installation (and build) to allow better security models.

Get rid of protected-users file

2010-01-27T02:09:55+00:00

Instead of white-listing special system users, just go with the Debian policy that all users with uid < 1000 are system accounts

Set IPV6 parameters in rl-system.init

2010-01-21T03:12:25+00:00

The problem is that IPV6 module is not loaded when sysctl's are interpreted during boot, and we want to allow marking IPV6 disabled.

Change how IPV4/IPV6 configuration values are done

2010-01-20T01:00:30+00:00

1. Move vyatta-sysctl.conf from rl-system.init to procps This makes configuration happen early (before networking) 2. Do IPV6 configuration for address_flush in rl-system.init (after IPV6 is loaded) 3. Cleanup shell code for ipv6_params: * no sudo needed in startup scripts * use cleaner iteration