From 5aca397a763ddbc6056309d1cc5a4759edfaab2d Mon Sep 17 00:00:00 2001 From: Tommy Date: Thu, 7 Dec 2023 17:15:05 -0700 Subject: [PATCH] Compliance update Signed-off-by: Tommy --- Fedora-Workstation-38.sh | 4 +++- GCP-Debian-11.sh | 3 ++- Proxmox-8.sh | 3 ++- RHEL-Server-9.sh | 3 ++- Ubuntu-22.04-Desktop.sh | 3 +++ Ubuntu-22.04-Server.sh | 3 +++ 6 files changed, 15 insertions(+), 4 deletions(-) diff --git a/Fedora-Workstation-38.sh b/Fedora-Workstation-38.sh index 659d342..f20d61c 100644 --- a/Fedora-Workstation-38.sh +++ b/Fedora-Workstation-38.sh @@ -25,7 +25,9 @@ unpriv(){ } # Compliance -sudo systemctl disable --now ctrl-alt-del.target +sudo systemctl mask ctrl-alt-del.target +sudo systemctl mask debug-shell.service +sudo systemctl mask kdump.service # Setting umask to 077 umask 077 diff --git a/GCP-Debian-11.sh b/GCP-Debian-11.sh index 9bf8648..7614565 100644 --- a/GCP-Debian-11.sh +++ b/GCP-Debian-11.sh @@ -23,7 +23,8 @@ unpriv(){ } # Compliance -sudo systemctl disable --now ctrl-alt-del.target +sudo systemctl mask ctrl-alt-del.target +sudo systemctl mask debug-shell.service # Setup NTS sudo rm -rf /etc/chrony/chrony.conf diff --git a/Proxmox-8.sh b/Proxmox-8.sh index 10f4d50..aee7dd5 100644 --- a/Proxmox-8.sh +++ b/Proxmox-8.sh @@ -21,7 +21,8 @@ output(){ } # Compliance -sudo systemctl disable --now ctrl-alt-del.target +systemctl mask ctrl-alt-del.target +systemctl mask debug-shell.service # Setup NTS rm -rf /etc/chrony/chrony.conf diff --git a/RHEL-Server-9.sh b/RHEL-Server-9.sh index d4a759e..c5d0fa2 100644 --- a/RHEL-Server-9.sh +++ b/RHEL-Server-9.sh @@ -25,7 +25,8 @@ unpriv(){ } # Compliance -sudo systemctl disable --now ctrl-alt-del.target +sudo systemctl mask ctrl-alt-del.target +sudo systemctl mask debug-shell.service # Setup NTS sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf -o /etc/chrony.conf diff --git a/Ubuntu-22.04-Desktop.sh b/Ubuntu-22.04-Desktop.sh index 05ff33b..8695387 100644 --- a/Ubuntu-22.04-Desktop.sh +++ b/Ubuntu-22.04-Desktop.sh @@ -33,6 +33,9 @@ sudo apt install -y usg sudo apt autoremove -y sudo usg fix cis_level2_workstation +sudo systemctl mask ctrl-alt-del.target +sudo systemctl mask debug-shell.service + # Remove AIDE sudo apt purge -y aide* diff --git a/Ubuntu-22.04-Server.sh b/Ubuntu-22.04-Server.sh index e1e578d..58a4a84 100644 --- a/Ubuntu-22.04-Server.sh +++ b/Ubuntu-22.04-Server.sh @@ -33,6 +33,9 @@ sudo apt install -y usg curl libpam-pwquality sudo apt autoremove -y sudo usg fix cis_level2_server +sudo systemctl mask ctrl-alt-del.target +sudo systemctl mask debug-shell.service + # Remove AIDE sudo apt purge -y aide*