Compliance at the top

Signed-off-by: Tommy <contact@tommytran.io>
2024-09-19 13:44:43 -04:00 · 2023-06-06 15:04:04 -07:00 · 2023-06-06 15:04:04 -07:00 · c3c4752f44
commit c3c4752f44
parent 0ae9d17e52
1 changed files with 8 additions and 8 deletions
--- a/Ubuntu-22.04-Desktop.sh
+++ b/Ubuntu-22.04-Desktop.sh
@ -4,6 +4,14 @@
 #Customize it to your liking
 #Run this script as your admin user, NOT root

+#Compliance
+sudo ua enable usg
+sudo apt install -y usg
+sudo usg fix cis_level2_workstation
+
+#Allow su which is disabled by CIS 
+sudo sed -i 's/auth required pam_wheel.so use_uid group=sugroup//g' /etc/pam.d/su
+
 #Setting umask to 077
 umask 077
 sudo sed -ie '/^DIR_MODE=/ s/=[0-9]*\+/=0700/' /etc/adduser.conf
@ -91,11 +99,3 @@ connection.stable-id=${CONNECTION}/${BOOT}
 EOF

 sudo systemctl restart NetworkManager
-
-#Compliance
-sudo ua enable usg
-sudo apt install -y usg
-sudo usg fix cis_level2_workstation
-
-#Allow su which is disabled by CIS 
-sudo sed -i 's/auth required pam_wheel.so use_uid group=sugroup//g' /etc/pam.d/su