1
0
mirror of https://github.com/tommytran732/Linux-Setup-Scripts synced 2024-12-23 15:22:12 -05:00

Setup hardened_malloc

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-01-11 03:25:11 -07:00
parent 90019fbb1c
commit 423c3fff72
Signed by: Tomster
GPG Key ID: 555C902A34EC968F
2 changed files with 28 additions and 10 deletions

View File

@ -189,13 +189,22 @@ else
sudo tuned-adm profile virtual-guest
fi
# Setup real-ucode
if [ "$virt_type" = '' ]; then
# Setup real-ucode and hardened_malloc
if [ "$virt_type" = '' ] || [ "${MACHINE_TYPE}" == 'x86_64' ]; then
sudo dnf install 'https://divested.dev/rpm/fedora/divested-release-20231210-2.noarch.rpm' -y
sudo sed -i 's/^metalink=.*/&?protocol=https/g' /etc/yum.repos.d/divested-release.repo
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,real-ucode,microcode_ctl,amd-ucode-firmware
sudo dnf install real-ucode -y
sudo dracut -f
if [ "${MACHINE_TYPE}" != 'x86_64' ]; then
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,real-ucode,microcode_ctl,amd-ucode-firmware
sudo dnf install real-ucode -y
sudo dracut -f
elif [ "$virt_type" != '' ]; then
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,hardened_malloc
sudo dnf install hardened_malloc -y
else
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,real-ucode,microcode_ctl,amd-ucode-firmware,hardened_malloc
sudo dnf install real-ucode hardened_malloc -y
sudo dracut -f
fi
fi
output 'The script is done. You can also remove gnome-terminal since gnome-console will replace it.'

View File

@ -187,13 +187,22 @@ else
sudo tuned-adm profile virtual-guest
fi
# Setup real-ucode
if [ "$virt_type" = "" ]; then
# Setup real-ucode and hardened_malloc
if [ "$virt_type" = '' ] || [ "${MACHINE_TYPE}" == 'x86_64' ]; then
sudo dnf install 'https://divested.dev/rpm/fedora/divested-release-20231210-2.noarch.rpm' -y
sudo sed -i 's/^metalink=.*/&?protocol=https/g' /etc/yum.repos.d/divested-release.repo
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,real-ucode,microcode_ctl,amd-ucode-firmware
sudo dnf install real-ucode -y
sudo dracut -f
if [ "${MACHINE_TYPE}" != 'x86_64' ]; then
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,real-ucode,microcode_ctl,amd-ucode-firmware
sudo dnf install real-ucode -y
sudo dracut -f
elif [ "$virt_type" != '' ]; then
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,hardened_malloc
sudo dnf install hardened_malloc -y
else
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,real-ucode,microcode_ctl,amd-ucode-firmware,hardened_malloc
sudo dnf install real-ucode hardened_malloc -y
sudo dracut -f
fi
fi
# Setup fwupd