From 0eefa15623acf09ebcb8b2d6f6945d0b3a7fac87 Mon Sep 17 00:00:00 2001
From: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
Date: Wed, 30 Nov 2016 10:47:06 -0800
Subject: [PATCH] Add sysctl changes as suggested by lynis

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
---
 alpine/etc/sysctl.d/02-lynis.conf | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 alpine/etc/sysctl.d/02-lynis.conf

diff --git a/alpine/etc/sysctl.d/02-lynis.conf b/alpine/etc/sysctl.d/02-lynis.conf
new file mode 100644
index 000000000..2a1c0230f
--- /dev/null
+++ b/alpine/etc/sysctl.d/02-lynis.conf
@@ -0,0 +1,7 @@
+kernel.kptr_restrict = 2
+kernel.sysrq = 0
+net.ipv4.conf.all.send_redirects = 0
+net.ipv4.conf.default.accept_redirects = 0
+net.ipv4.conf.default.accept_source_route = 0
+net.ipv6.conf.all.accept_redirects = 0
+net.ipv6.conf.default.accept_redirects = 0
\ No newline at end of file