Tomster/Arch-Setup-Script
1
0
Fork 0
mirror of https://github.com/tommytran732/Arch-Setup-Script synced 2024-11-09 12:11:33 -05:00
Code

Update install.sh

Browse Source
This commit is contained in:
TommyTran732 2021-05-22 02:05:01 -04:00 committed by tommytran732
parent 1c7bda2c2b
commit 8f9b7d59a4
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
1 changed files with 9 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
install.sh
View File

@ -199,7 +199,6 @@ echo -e "# Booting with BTRFS subvolume\nGRUB_BTRFS_OVERRIDE_BOOT_PARTITION_DETE
dd bs=512 count=4 if=/dev/random of=/mnt/.root.key iflag=fullblock &>/dev/null dd bs=512 count=4 if=/dev/random of=/mnt/.root.key iflag=fullblock &>/dev/null
chmod 000 /mnt/.root.key &>/dev/null chmod 000 /mnt/.root.key &>/dev/null
cryptsetup -v luksAddKey /dev/disk/by-partlabel/cryptroot /mnt/.root.key cryptsetup -v luksAddKey /dev/disk/by-partlabel/cryptroot /mnt/.root.key
#I also remove the quiet flag here, since not having any sort of output is a pain
sed -i "s,quiet,cryptdevice=UUID=$UUID:cryptroot root=$BTRFS lsm=lockdown,yama,apparmor,bpf cryptkey=rootfs:/.root.key,g" /mnt/etc/default/grub sed -i "s,quiet,cryptdevice=UUID=$UUID:cryptroot root=$BTRFS lsm=lockdown,yama,apparmor,bpf cryptkey=rootfs:/.root.key,g" /mnt/etc/default/grub
sed -i 's#FILES=()#FILES=(/.root.key)#g' /mnt/etc/mkinitcpio.conf sed -i 's#FILES=()#FILES=(/.root.key)#g' /mnt/etc/mkinitcpio.conf
@ -214,7 +213,7 @@ kernel.yama.ptrace_scope = 3
kernel.unprivileged_userns_clone = 1 kernel.unprivileged_userns_clone = 1
EOF EOF
# Randomize Mac Address # Randomize Mac Address.
bash -c 'cat > /mnt/etc/NetworkManager/conf.d/00-macrandomize.conf' <<-'EOF' bash -c 'cat > /mnt/etc/NetworkManager/conf.d/00-macrandomize.conf' <<-'EOF'
[device] [device]
wifi.scan-rand-mac-address=yes wifi.scan-rand-mac-address=yes
@ -226,7 +225,7 @@ EOF
chmod 700 /mnt/etc/NetworkManager/conf.d/00-macrandomize.conf chmod 700 /mnt/etc/NetworkManager/conf.d/00-macrandomize.conf
# Disable Connectivity Check # Disable Connectivity Check.
bash -c 'cat > /mnt/etc/NetworkManager/conf.d/20-connectivity.conf' <<-'EOF' bash -c 'cat > /mnt/etc/NetworkManager/conf.d/20-connectivity.conf' <<-'EOF'
[connectivity] [connectivity]
uri=http://www.archlinux.org/check_network_status.txt uri=http://www.archlinux.org/check_network_status.txt
@ -287,27 +286,27 @@ systemctl enable fstrim.timer --root=/mnt &>/dev/null
echo "Enabling NetworkManager." echo "Enabling NetworkManager."
systemctl enable NetworkManager --root=/mnt &>/dev/null systemctl enable NetworkManager --root=/mnt &>/dev/null
# Enabling GDM # Enabling GDM.
systemctl enable gdm --root=/mnt &>/dev/null systemctl enable gdm --root=/mnt &>/dev/null
# Enabling AppArmor # Enabling AppArmor.
systemctl enable apparmor --root=/mnt &>/dev/null systemctl enable apparmor --root=/mnt &>/dev/null
# Enabling Firewalld # Enabling Firewalld.
systemctl enable firewalld --root=/mnt &>/dev/null systemctl enable firewalld --root=/mnt &>/dev/null
# Enabling Bluetooth Service (If you don't want bluetooth, disable it with GNOME, don't disable the service) # Enabling Bluetooth Service (If you don't want bluetooth, disable it with GNOME, don't disable the service).
systemctl enable bluetooth --root=/mnt &>/dev/null systemctl enable bluetooth --root=/mnt &>/dev/null
# Enabling Reflector timer # Enabling Reflector timer.
systemctl enable reflector.timer --root=/mnt &>/dev/null systemctl enable reflector.timer --root=/mnt &>/dev/null
# Setting umask to 077 # Setting umask to 077.
sed -i 's/022/077/g' /mnt/etc/profile sed -i 's/022/077/g' /mnt/etc/profile
echo "" >> /mnt/etc/bash.bashrc echo "" >> /mnt/etc/bash.bashrc
echo "umask 077" >> /mnt/etc/bash.bashrc echo "umask 077" >> /mnt/etc/bash.bashrc
#Blacklist Firewire SBP2 #Blacklist Firewire SBP2.
echo "blacklist firewire-sbp2" | sudo tee /mnt/etc/modprobe.d/blacklist.conf echo "blacklist firewire-sbp2" | sudo tee /mnt/etc/modprobe.d/blacklist.conf
echo "Done, you may now wish to reboot (further changes can be done by chrooting into /mnt)." echo "Done, you may now wish to reboot (further changes can be done by chrooting into /mnt)."