mirror of
https://github.com/tommytran732/Linux-Setup-Scripts
synced 2024-11-12 13:01:33 -05:00
Compare commits
No commits in common. "0c8ae2fa244e675d9b73e863493a55d708c1af16" and "7fd8e7356324fa16391f311c3ac89caa4d56aa3b" have entirely different histories.
0c8ae2fa24
...
7fd8e73563
@ -28,7 +28,6 @@ unpriv(){
|
|||||||
sudo systemctl mask ctrl-alt-del.target
|
sudo systemctl mask ctrl-alt-del.target
|
||||||
sudo systemctl mask debug-shell.service
|
sudo systemctl mask debug-shell.service
|
||||||
sudo systemctl mask kdump.service
|
sudo systemctl mask kdump.service
|
||||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
|
||||||
|
|
||||||
# Setting umask to 077
|
# Setting umask to 077
|
||||||
umask 077
|
umask 077
|
||||||
|
@ -25,7 +25,6 @@ unpriv(){
|
|||||||
# Compliance
|
# Compliance
|
||||||
sudo systemctl mask ctrl-alt-del.target
|
sudo systemctl mask ctrl-alt-del.target
|
||||||
sudo systemctl mask debug-shell.service
|
sudo systemctl mask debug-shell.service
|
||||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
|
||||||
|
|
||||||
# Make home directory private
|
# Make home directory private
|
||||||
chmod 700 /home/*
|
chmod 700 /home/*
|
||||||
|
@ -23,7 +23,6 @@ output(){
|
|||||||
# Compliance
|
# Compliance
|
||||||
systemctl mask ctrl-alt-del.target
|
systemctl mask ctrl-alt-del.target
|
||||||
systemctl mask debug-shell.service
|
systemctl mask debug-shell.service
|
||||||
echo 'CtrlAltDelBurstAction=none' | tee -a /etc/systemd/system.conf
|
|
||||||
|
|
||||||
# Setup NTS
|
# Setup NTS
|
||||||
rm -rf /etc/chrony/chrony.conf
|
rm -rf /etc/chrony/chrony.conf
|
||||||
|
@ -27,8 +27,9 @@ unpriv(){
|
|||||||
# Compliance
|
# Compliance
|
||||||
sudo systemctl mask ctrl-alt-del.target
|
sudo systemctl mask ctrl-alt-del.target
|
||||||
sudo systemctl mask debug-shell.service
|
sudo systemctl mask debug-shell.service
|
||||||
sudo systemctl mask kdump.service
|
|
||||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
# Make home directory private
|
||||||
|
chmod 700 /home/*
|
||||||
|
|
||||||
# Setup NTS
|
# Setup NTS
|
||||||
sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf -o /etc/chrony.conf
|
sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf -o /etc/chrony.conf
|
||||||
@ -42,7 +43,6 @@ sudo systemctl restart chronyd
|
|||||||
|
|
||||||
sudo firewall-cmd --permanent --remove-service=cockpit
|
sudo firewall-cmd --permanent --remove-service=cockpit
|
||||||
sudo firewall-cmd --reload
|
sudo firewall-cmd --reload
|
||||||
sudo firewall-cmd --lockdown-on
|
|
||||||
|
|
||||||
# Harden SSH
|
# Harden SSH
|
||||||
mkdir -p /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d
|
mkdir -p /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d
|
||||||
|
@ -26,10 +26,6 @@ unpriv(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
#Compliance and updates
|
#Compliance and updates
|
||||||
sudo systemctl mask ctrl-alt-del.target
|
|
||||||
sudo systemctl mask debug-shell.service
|
|
||||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
|
||||||
|
|
||||||
sudo ua enable usg
|
sudo ua enable usg
|
||||||
sudo apt update -y
|
sudo apt update -y
|
||||||
sudo apt full-upgrade -y
|
sudo apt full-upgrade -y
|
||||||
@ -37,6 +33,9 @@ sudo apt install -y usg
|
|||||||
sudo apt autoremove -y
|
sudo apt autoremove -y
|
||||||
sudo usg fix cis_level2_workstation
|
sudo usg fix cis_level2_workstation
|
||||||
|
|
||||||
|
sudo systemctl mask ctrl-alt-del.target
|
||||||
|
sudo systemctl mask debug-shell.service
|
||||||
|
|
||||||
# Make home directory private
|
# Make home directory private
|
||||||
chmod 700 /home/*
|
chmod 700 /home/*
|
||||||
|
|
||||||
|
@ -26,10 +26,6 @@ unpriv(){
|
|||||||
}
|
}
|
||||||
|
|
||||||
#Compliance and updates
|
#Compliance and updates
|
||||||
sudo systemctl mask ctrl-alt-del.target
|
|
||||||
sudo systemctl mask debug-shell.service
|
|
||||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
|
||||||
|
|
||||||
sudo ua enable usg
|
sudo ua enable usg
|
||||||
sudo apt update -y
|
sudo apt update -y
|
||||||
sudo apt full-upgrade -y
|
sudo apt full-upgrade -y
|
||||||
@ -37,6 +33,9 @@ sudo apt install -y usg curl libpam-pwquality
|
|||||||
sudo apt autoremove -y
|
sudo apt autoremove -y
|
||||||
sudo usg fix cis_level2_server
|
sudo usg fix cis_level2_server
|
||||||
|
|
||||||
|
sudo systemctl mask ctrl-alt-del.target
|
||||||
|
sudo systemctl mask debug-shell.service
|
||||||
|
|
||||||
# Make home directory private
|
# Make home directory private
|
||||||
chmod 700 /home/*
|
chmod 700 /home/*
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user