From c3c4752f4484e1455921458ebce315eb0528bbe7 Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Tue, 6 Jun 2023 15:04:04 -0700
Subject: [PATCH] Compliance at the top

Signed-off-by: Tommy <contact@tommytran.io>
---
 Ubuntu-22.04-Desktop.sh | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/Ubuntu-22.04-Desktop.sh b/Ubuntu-22.04-Desktop.sh
index 81901c6..6bff3f8 100644
--- a/Ubuntu-22.04-Desktop.sh
+++ b/Ubuntu-22.04-Desktop.sh
@@ -4,6 +4,14 @@
 #Customize it to your liking
 #Run this script as your admin user, NOT root
 
+#Compliance
+sudo ua enable usg
+sudo apt install -y usg
+sudo usg fix cis_level2_workstation
+
+#Allow su which is disabled by CIS 
+sudo sed -i 's/auth required pam_wheel.so use_uid group=sugroup//g' /etc/pam.d/su
+
 #Setting umask to 077
 umask 077
 sudo sed -ie '/^DIR_MODE=/ s/=[0-9]*\+/=0700/' /etc/adduser.conf
@@ -91,11 +99,3 @@ connection.stable-id=${CONNECTION}/${BOOT}
 EOF
 
 sudo systemctl restart NetworkManager
-
-#Compliance
-sudo ua enable usg
-sudo apt install -y usg
-sudo usg fix cis_level2_workstation
-
-#Allow su which is disabled by CIS 
-sudo sed -i 's/auth required pam_wheel.so use_uid group=sugroup//g' /etc/pam.d/su