Open michaelw opened 3 years ago
@michaelw Well, for me it looks like you have changed the logic that way: If $enable_sysctl_config
is true (which is the default) then the class os_hardening::sysctl
is always applied, independend of the environment. That means that most of sysctl settings are set also in container environment, and only a few are skipped.
I don't think that's the way it should be ...
This disables a few sysctls that do not apply in LXC and docker environments, without affecting the rest.