Hi Pavel Simerda, The IPv6 updates are breaking stuff (and probably increasing the attack surface):
Bug 1231946 - unbound-anchor ignores net.ipv6.conf.all.disable_ipv6=1 in /etc/sysctl.conf https://bugzilla.redhat.com/show_bug.cgi?id=1231946 Bug 1251762 - dnssec-triggerd ignores net.ipv6.conf.all.disable_ipv6=1 in /etc/sysctl.conf https://bugzilla.redhat.com/show_bug.cgi?id=1251762 (maybe other software like avahi also don't remember right now) You can reproduce this by putting "ipv6.disable=1" in the kernel command line. Doing 'setsebool -P domain_kernel_load_modules 1' would reduce the security provided by SELinux so it is not an option. Would appreciate fixes please. Thanks. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
