Don't both sysctl -w and sysctl -p in setting grsec lock

Because it is using both, the second sysctl -p is failing on noble/6.6 because the grsec lock is already set. Let's just skip the first sysctl -w and rely only on sysctl -p (which is more like how the kernel works when it boots) to set the necessary values.
freedomofpress · Oct 25, 2024 · acc93b2 · acc93b2
1 parent 2baedeb
commit acc93b2
Showing 1 changed file with 0 additions and 1 deletion.
diff --git a/install_files/ansible-base/roles/grsecurity/tasks/apply_grsec_lock.yml b/install_files/ansible-base/roles/grsecurity/tasks/apply_grsec_lock.yml
@@ -22,7 +22,6 @@
   sysctl:
     name: "{{ item.name }}"
     value: "{{ item.value }}"
-    sysctl_set: yes
     state: present
     reload: yes
   with_items: "{{ grsec_sysctl_flags }}"