mirror of
https://github.com/tommytran732/Linux-Setup-Scripts
synced 2024-11-22 09:31:34 -05:00
Compliance at the top
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
0ae9d17e52
commit
c3c4752f44
@ -4,6 +4,14 @@
|
|||||||
#Customize it to your liking
|
#Customize it to your liking
|
||||||
#Run this script as your admin user, NOT root
|
#Run this script as your admin user, NOT root
|
||||||
|
|
||||||
|
#Compliance
|
||||||
|
sudo ua enable usg
|
||||||
|
sudo apt install -y usg
|
||||||
|
sudo usg fix cis_level2_workstation
|
||||||
|
|
||||||
|
#Allow su which is disabled by CIS
|
||||||
|
sudo sed -i 's/auth required pam_wheel.so use_uid group=sugroup//g' /etc/pam.d/su
|
||||||
|
|
||||||
#Setting umask to 077
|
#Setting umask to 077
|
||||||
umask 077
|
umask 077
|
||||||
sudo sed -ie '/^DIR_MODE=/ s/=[0-9]*\+/=0700/' /etc/adduser.conf
|
sudo sed -ie '/^DIR_MODE=/ s/=[0-9]*\+/=0700/' /etc/adduser.conf
|
||||||
@ -91,11 +99,3 @@ connection.stable-id=${CONNECTION}/${BOOT}
|
|||||||
EOF
|
EOF
|
||||||
|
|
||||||
sudo systemctl restart NetworkManager
|
sudo systemctl restart NetworkManager
|
||||||
|
|
||||||
#Compliance
|
|
||||||
sudo ua enable usg
|
|
||||||
sudo apt install -y usg
|
|
||||||
sudo usg fix cis_level2_workstation
|
|
||||||
|
|
||||||
#Allow su which is disabled by CIS
|
|
||||||
sudo sed -i 's/auth required pam_wheel.so use_uid group=sugroup//g' /etc/pam.d/su
|
|
||||||
|
Loading…
Reference in New Issue
Block a user