Tomster/Linux-Setup-Scripts
1
0
Fork 0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-09-19 13:44:43 -04:00
Code

Update Fedora-WorkStation-33.sh

Browse Source
This commit is contained in:
TommyTran732 2021-04-14 21:08:21 -04:00 committed by GitHub
parent b9a9d2cb8c
commit 27efbc3534
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
Fedora-WorkStation-33.sh
View File

@ -142,6 +142,36 @@ EOF
sudo sysctl --load=/etc/sysctl.d/99-steam.conf
#Security kernel settings
sudo bash -c 'cat > /etc/sysctl.d/51-dmesg-restrict.conf' <<-'EOF'
kernel.dmesg_restrict = 1
EOF
sudo sysctl --load=/etc/sysctl.d/51-dmesg-restrict.conf
sudo bash -c 'cat > /etc/sysctl.d/51-kptr-restrict.conf' <<-'EOF'
kernel.kptr_restrict = 2
EOF
sudo sysctl --load=/etc/sysctl.d/51-kptr-restrict.conf
sudo bash -c 'cat > /etc/sysctl.d/51-kexec-restrict.conf' <<-'EOF'
kernel.kexec_load_disabled = 1
EOF
sudo sysctl --load=/etc/sysctl.d/51-kexec-restrict.conf
sudo bash -c 'cat > /etc/sysctl.d/10-security.conf' <<-'EOF'
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
net.core.bpf_jit_harden = 2
kernel.yama.ptrace_scope = 3
module.sig_enforce = 1
EOF
sudo sysctl --load=/etc/sysctl.d/10-security.conf.conf
#Quick fixes for pulse audio with steam
sudo bash -c 'cat > /etc/pulse/daemon.conf' <<-'EOF'
# $ sudo nano /etc/pulse/daemon.conf