Skip to content

Commit

Permalink
work around with CVE-2019-3874
Browse files Browse the repository at this point in the history
  • Loading branch information
gjmzj committed Mar 28, 2019
1 parent b88d352 commit b684e96
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 0 deletions.
2 changes: 2 additions & 0 deletions roles/prepare/files/sctp.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# put sctp into blacklist
install sctp /bin/true
3 changes: 3 additions & 0 deletions roles/prepare/tasks/common.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,3 +39,6 @@

- name: 设置系统 ulimits
template: src=30-k8s-ulimits.conf.j2 dest=/etc/security/limits.d/30-k8s-ulimits.conf

- name: 把SCTP列入内核模块黑名单
copy: src=sctp.conf dest=/etc/modprobe.d/sctp.conf

0 comments on commit b684e96

Please sign in to comment.