Tomster/Linux-Setup-Scripts
1
0
Fork 0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-11-09 19:51:34 -05:00
Code

Update Fedora-WorkStation-33.sh

Browse Source
This commit is contained in:
TommyTran732 2021-04-04 10:39:06 +00:00 committed by GitHub
parent 8dcc133c04
commit 09238a9e42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Fedora-WorkStation-33.sh
View File

@ -58,6 +58,18 @@ sudo sysctl --load=/etc/sysctl.d/10-default-yama-scope.conf
#Blacklist Firewire SBP2 #Blacklist Firewire SBP2
echo "blacklist firewire-sbp2" | sudo tee /etc/modprobe.d/blacklist.conf echo "blacklist firewire-sbp2" | sudo tee /etc/modprobe.d/blacklist.conf
#GRUB hardening (Thanks to https://www.ncsc.gov.uk/collection/end-user-device-security/platform-specific-guidance/ubuntu-18-04-lts)
echo -e "${HIGHLIGHT}Configuring grub...${NC}"
output "Please enter a grub sysadmin passphrase..."
getPassphrase
echo "set superusers=\"sysadmin\"" >> /etc/grub.d/40_custom
echo -e "$PASS\n$PASS" | grub-mkpasswd-pbkdf2 | tail -n1 | awk -F" " '{print "password_pbkdf2 sysadmin " $7}' >> /etc/grub.d/40_custom
sed -ie '/echo "menuentry / s/echo "menuentry /echo "menuentry --unrestricted /' /etc/grub.d/10_linux
sed -ie '/^GRUB_CMDLINE_LINUX_DEFAULT=/ s/"$/ module.sig_enforce=yes"/' /etc/default/grub
echo "GRUB_SAVEDEFAULT=false" >> /etc/default/grub
grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
#Setup Firewalld #Setup Firewalld
sudo firewall-cmd --permanent --remove-port=1025-65535/udp sudo firewall-cmd --permanent --remove-port=1025-65535/udp
sudo firewall-cmd --permanent --remove-port=1025-65535/tcp sudo firewall-cmd --permanent --remove-port=1025-65535/tcp