Tomster/Arch-Setup-Script
1
0
Fork 0
mirror of https://github.com/tommytran732/Arch-Setup-Script synced 2024-11-22 01:21:34 -05:00
Code

Add Apparmor

Browse Source 
It is pretty much the only properly working MAC system on Arch right now.
This commit is contained in:
TommyTran732 2021-04-11 03:52:36 -04:00 committed by tommytran732
parent 9a161bfe0b
commit dcfbd71926
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
install.sh
View File

@ -110,7 +110,7 @@ mount $ESP /mnt/boot/efi
# Pacstrap (setting up a base sytem onto the new root). # Pacstrap (setting up a base sytem onto the new root).
echo "Installing the base system (it may take a while)." echo "Installing the base system (it may take a while)."
pacstrap /mnt base ${KERNEL} linux-firmware btrfs-progs grub grub-btrfs efibootmgr snapper sudo networkmanager wpa_supplicant &>/dev/null pacstrap /mnt base ${KERNEL} linux-firmware btrfs-progs grub grub-btrfs efibootmgr snapper sudo networkmanager wpa_supplicant apparmor &>/dev/null
# Generating /etc/fstab. # Generating /etc/fstab.
echo "Generating a new fstab." echo "Generating a new fstab."
@ -146,6 +146,7 @@ sed -i -e 's,modconf block filesystems keyboard,keyboard keymap modconf block en
UUID=$(blkid $Cryptroot | cut -f2 -d'"') UUID=$(blkid $Cryptroot | cut -f2 -d'"')
sed -i 's/#\(GRUB_ENABLE_CRYPTODISK=y\)/\1/' /mnt/etc/default/grub sed -i 's/#\(GRUB_ENABLE_CRYPTODISK=y\)/\1/' /mnt/etc/default/grub
sed -i -e "s,quiet,quiet cryptdevice=UUID=$UUID:cryptroot root=$BTRFS,g" /mnt/etc/default/grub sed -i -e "s,quiet,quiet cryptdevice=UUID=$UUID:cryptroot root=$BTRFS,g" /mnt/etc/default/grub
sed -i -e "s#root=/dev/mapper/cryptroot#oot=/dev/mapper/cryptroot lsm=lockdown,yama,apparmor,bpf#g" /mnt/etc/default/grub
echo "" >> /mnt/etc/default/grub echo "" >> /mnt/etc/default/grub
echo "# Booting with BTRFS subvolume" >> /mnt/etc/default/grub echo "# Booting with BTRFS subvolume" >> /mnt/etc/default/grub
echo "GRUB_BTRFS_OVERRIDE_BOOT_PARTITION_DETECTION=true" >> /mnt/etc/default/grub echo "GRUB_BTRFS_OVERRIDE_BOOT_PARTITION_DETECTION=true" >> /mnt/etc/default/grub