1
0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-12-23 07:12:07 -05:00

Update Fedora-WorkStation-33.sh

This commit is contained in:
TommyTran732 2021-04-04 10:39:06 +00:00 committed by GitHub
parent 8dcc133c04
commit 09238a9e42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -58,6 +58,18 @@ sudo sysctl --load=/etc/sysctl.d/10-default-yama-scope.conf
#Blacklist Firewire SBP2
echo "blacklist firewire-sbp2" | sudo tee /etc/modprobe.d/blacklist.conf
#GRUB hardening (Thanks to https://www.ncsc.gov.uk/collection/end-user-device-security/platform-specific-guidance/ubuntu-18-04-lts)
echo -e "${HIGHLIGHT}Configuring grub...${NC}"
output "Please enter a grub sysadmin passphrase..."
getPassphrase
echo "set superusers=\"sysadmin\"" >> /etc/grub.d/40_custom
echo -e "$PASS\n$PASS" | grub-mkpasswd-pbkdf2 | tail -n1 | awk -F" " '{print "password_pbkdf2 sysadmin " $7}' >> /etc/grub.d/40_custom
sed -ie '/echo "menuentry / s/echo "menuentry /echo "menuentry --unrestricted /' /etc/grub.d/10_linux
sed -ie '/^GRUB_CMDLINE_LINUX_DEFAULT=/ s/"$/ module.sig_enforce=yes"/' /etc/default/grub
echo "GRUB_SAVEDEFAULT=false" >> /etc/default/grub
grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
#Setup Firewalld
sudo firewall-cmd --permanent --remove-port=1025-65535/udp
sudo firewall-cmd --permanent --remove-port=1025-65535/tcp