forked from ComplianceAsCode/content
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtemplate_BASH_sysctl
32 lines (28 loc) · 1.02 KB
/
template_BASH_sysctl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# platform = multi_platform_rhel,multi_platform_fedora,multi_platform_ol,multi_platform_rhv
# reboot = true
# strategy = disable
# complexity = low
# disruption = medium
. /usr/share/scap-security-guide/remediation_functions
{{%- if SYSCTLVAL == "" %}}
populate sysctl_{{{ SYSCTLID }}}_value
#
# Set runtime for {{{ SYSCTLVAR }}}
#
/sbin/sysctl -q -n -w {{{ SYSCTLVAR }}}="$sysctl_{{{ SYSCTLID }}}_value"
#
# If {{{ SYSCTLVAR }}} present in /etc/sysctl.conf, change value to appropriate value
# else, add "{{{ SYSCTLVAR }}} = value" to /etc/sysctl.conf
#
replace_or_append '/etc/sysctl.conf' '^{{{ SYSCTLVAR }}}' "$sysctl_{{{ SYSCTLID }}}_value" '@CCENUM@'
{{%- else %}}
#
# Set runtime for {{{ SYSCTLVAR }}}
#
/sbin/sysctl -q -n -w {{{ SYSCTLVAR }}}="{{{ SYSCTLVAL }}}"
#
# If {{{ SYSCTLVAR }}} present in /etc/sysctl.conf, change value to "{{{ SYSCTLVAL }}}"
# else, add "{{{ SYSCTLVAR }}} = {{{ SYSCTLVAL }}}" to /etc/sysctl.conf
#
replace_or_append '/etc/sysctl.conf' '^{{{ SYSCTLVAR }}}' "{{{ SYSCTLVAL }}}" '@CCENUM@'
{{%- endif %}}