mirror of
https://github.com/tommytran732/Linux-Setup-Scripts
synced 2024-11-22 09:31:34 -05:00
Compare commits
3 Commits
023cc46676
...
90bebe1665
Author | SHA1 | Date | |
---|---|---|---|
90bebe1665 | |||
0f0b98feb6 | |||
f8819622ec |
37
.github/workflows/shellcheck.yml
vendored
Normal file
37
.github/workflows/shellcheck.yml
vendored
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
name: ShellCheck
|
||||||
|
|
||||||
|
on:
|
||||||
|
workflow_dispatch:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- master
|
||||||
|
- main
|
||||||
|
paths-ignore:
|
||||||
|
- '**.gitignore'
|
||||||
|
- '**.md'
|
||||||
|
- 'LICENSE'
|
||||||
|
- '**.conf'
|
||||||
|
- '**.service'
|
||||||
|
- '**.timer'
|
||||||
|
- '**.path'
|
||||||
|
- '**.list'
|
||||||
|
pull_request:
|
||||||
|
paths-ignore:
|
||||||
|
- '**.gitignore'
|
||||||
|
- '**.md'
|
||||||
|
- 'LICENSE'
|
||||||
|
- '**.conf'
|
||||||
|
- '**.service'
|
||||||
|
- '**.timer'
|
||||||
|
- '**.path'
|
||||||
|
- '**.list'
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
shellcheck:
|
||||||
|
name: Bash syntax checker
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout code
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
- name: Run ShellCheck
|
||||||
|
uses: ludeeus/action-shellcheck@master
|
@ -70,9 +70,9 @@ sudo sed -i 's/# install bluetooth/install bluetooth/g' /etc/modprobe.d/30_secur
|
|||||||
sudo sed -i 's/# install btusb/install btusb/g' /etc/modprobe.d/30_security-misc.conf
|
sudo sed -i 's/# install btusb/install btusb/g' /etc/modprobe.d/30_security-misc.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo chmod 644 /etc/sysctl.d/990-security-misc.conf
|
sudo chmod 644 /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/kernel.yama.ptrace_scope.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/kernel.yama.ptrace_scope[[:space:]]*=.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/net.ipv4.icmp_echo_ignore_all.*/net.ipv4.icmp_echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/net.ipv4.icmp_echo_ignore_all[[:space:]]*=.*/net.ipv4.icmp_echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/net.ipv6.icmp.echo_ignore_all.*/net.ipv6.icmp.echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/net.ipv6.icmp.echo_ignore_all[[:space:]]*=.*/net.ipv6.icmp.echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
|
sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
||||||
|
@ -67,7 +67,7 @@ sudo chmod 644 /etc/modprobe.d/30_security-misc.conf
|
|||||||
sudo sed -i 's/#install msr/install msr/g' /etc/modprobe.d/30_security-misc.conf
|
sudo sed -i 's/#install msr/install msr/g' /etc/modprobe.d/30_security-misc.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo chmod 644 /etc/sysctl.d/990-security-misc.conf
|
sudo chmod 644 /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/kernel.yama.ptrace_scope.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/kernel.yama.ptrace_scope[[:space:]]*=.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
|
sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
||||||
|
@ -78,9 +78,9 @@ sudo sed -i 's/#install msr/install msr/g' /etc/modprobe.d/30_security-misc.conf
|
|||||||
sed -i 's/# install bluetooth/install bluetooth/g' /etc/modprobe.d/30_security-misc.conf
|
sed -i 's/# install bluetooth/install bluetooth/g' /etc/modprobe.d/30_security-misc.conf
|
||||||
sed -i 's/# install btusb/install btusb/g' /etc/modprobe.d/30_security-misc.conf
|
sed -i 's/# install btusb/install btusb/g' /etc/modprobe.d/30_security-misc.conf
|
||||||
curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf -o /etc/sysctl.d/990-security-misc.conf
|
curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf -o /etc/sysctl.d/990-security-misc.conf
|
||||||
sed -i 's/kernel.yama.ptrace_scope.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
sed -i 's/kernel.yama.ptrace_scope[[:space:]]*=.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sed -i 's/net.ipv4.icmp_echo_ignore_all.*/net.ipv4.icmp_echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
sed -i 's/net.ipv4.icmp_echo_ignore_all[[:space:]]*=.*/net.ipv4.icmp_echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sed -i 's/net.ipv6.icmp.echo_ignore_all.*/net.ipv6.icmp.echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
sed -i 's/net.ipv6.icmp.echo_ignore_all[[:space:]]*=.*/net.ipv6.icmp.echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf -o /etc/sysctl.d/30_silent-kernel-printk.conf
|
curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf -o /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf -o /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf -o /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
||||||
sysctl -p
|
sysctl -p
|
||||||
|
@ -1,4 +1,7 @@
|
|||||||
# Linux Setup Scripts
|
# Linux Setup Scripts
|
||||||
|
|
||||||
|
[![ShellCheck](https://github.com/TommyTran732/Linux-Setup-Scripts/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/TommyTran732/Linux-Setup-Scripts/actions/workflows/shellcheck.yml)
|
||||||
|
|
||||||
My setup scripts for my workstations. You should edit the scripts to your liking before running it.
|
My setup scripts for my workstations. You should edit the scripts to your liking before running it.
|
||||||
Please run the scripts as your actual user and not root. Provide sudo password when it asks you to. Flatpak packages and themes/icons are only installed for your user and not system wide. <br />
|
Please run the scripts as your actual user and not root. Provide sudo password when it asks you to. Flatpak packages and themes/icons are only installed for your user and not system wide. <br />
|
||||||
|
|
||||||
|
@ -64,9 +64,9 @@ sudo sed -i 's/# install bluetooth/install bluetooth/g' /etc/modprobe.d/30_secur
|
|||||||
sudo sed -i 's/# install btusb/install btusb/g' /etc/modprobe.d/30_security-misc.conf
|
sudo sed -i 's/# install btusb/install btusb/g' /etc/modprobe.d/30_security-misc.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo chmod 644 /etc/sysctl.d/990-security-misc.conf
|
sudo chmod 644 /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/kernel.yama.ptrace_scope.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/kernel.yama.ptrace_scope[[:space:]]*=.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/net.ipv4.icmp_echo_ignore_all.*/net.ipv4.icmp_echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/net.ipv4.icmp_echo_ignore_all[[:space:]]*=.*/net.ipv4.icmp_echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/net.ipv6.icmp.echo_ignore_all.*/net.ipv6.icmp.echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/net.ipv6.icmp.echo_ignore_all[[:space:]]*=.*/net.ipv6.icmp.echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
|
sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
||||||
|
@ -62,7 +62,7 @@ unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/us
|
|||||||
sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
|
sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
||||||
sudo chmod 644 /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
sudo chmod 644 /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
||||||
sudo sed -i 's/kernel.yama.ptrace_scope.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/kernel.yama.ptrace_scope[[:space:]]*=.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sysctl -p
|
sudo sysctl -p
|
||||||
|
|
||||||
# Rebuild initramfs
|
# Rebuild initramfs
|
||||||
|
@ -63,9 +63,9 @@ sudo sed -i 's/#install msr/install msr/g' /etc/modprobe.d/30_security-misc.conf
|
|||||||
sudo sed -i 's/# install bluetooth/install bluetooth/g' /etc/modprobe.d/30_security-misc.conf
|
sudo sed -i 's/# install bluetooth/install bluetooth/g' /etc/modprobe.d/30_security-misc.conf
|
||||||
sudo sed -i 's/# install btusb/install btusb/g' /etc/modprobe.d/30_security-misc.conf
|
sudo sed -i 's/# install btusb/install btusb/g' /etc/modprobe.d/30_security-misc.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/kernel.yama.ptrace_scope.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/kernel.yama.ptrace_scope[[:space:]]*=.*/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/net.ipv4.icmp_echo_ignore_all.*/net.ipv4.icmp_echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/net.ipv4.icmp_echo_ignore_all[[:space:]]*=.*/net.ipv4.icmp_echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
sudo sed -i 's/net.ipv6.icmp.echo_ignore_all.*/net.ipv6.icmp.echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
sudo sed -i 's/net.ipv6.icmp.echo_ignore_all[[:space:]]*=.*/net.ipv6.icmp.echo_ignore_all=0/g' /etc/sysctl.d/990-security-misc.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
|
||||||
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
|
||||||
sudo sysctl -p
|
sudo sysctl -p
|
||||||
|
Loading…
Reference in New Issue
Block a user