mirror of
https://github.com/tommytran732/Linux-Setup-Scripts
synced 2024-11-09 11:41:33 -05:00
Compare commits
2 Commits
7fd8e73563
...
0c8ae2fa24
Author | SHA1 | Date | |
---|---|---|---|
0c8ae2fa24 | |||
9c942cf89e |
@ -28,6 +28,7 @@ unpriv(){
|
||||
sudo systemctl mask ctrl-alt-del.target
|
||||
sudo systemctl mask debug-shell.service
|
||||
sudo systemctl mask kdump.service
|
||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
||||
|
||||
# Setting umask to 077
|
||||
umask 077
|
||||
|
@ -25,6 +25,7 @@ unpriv(){
|
||||
# Compliance
|
||||
sudo systemctl mask ctrl-alt-del.target
|
||||
sudo systemctl mask debug-shell.service
|
||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
||||
|
||||
# Make home directory private
|
||||
chmod 700 /home/*
|
||||
|
@ -23,6 +23,7 @@ output(){
|
||||
# Compliance
|
||||
systemctl mask ctrl-alt-del.target
|
||||
systemctl mask debug-shell.service
|
||||
echo 'CtrlAltDelBurstAction=none' | tee -a /etc/systemd/system.conf
|
||||
|
||||
# Setup NTS
|
||||
rm -rf /etc/chrony/chrony.conf
|
||||
|
@ -27,9 +27,8 @@ unpriv(){
|
||||
# Compliance
|
||||
sudo systemctl mask ctrl-alt-del.target
|
||||
sudo systemctl mask debug-shell.service
|
||||
|
||||
# Make home directory private
|
||||
chmod 700 /home/*
|
||||
sudo systemctl mask kdump.service
|
||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
||||
|
||||
# Setup NTS
|
||||
sudo curl https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf -o /etc/chrony.conf
|
||||
@ -43,6 +42,7 @@ sudo systemctl restart chronyd
|
||||
|
||||
sudo firewall-cmd --permanent --remove-service=cockpit
|
||||
sudo firewall-cmd --reload
|
||||
sudo firewall-cmd --lockdown-on
|
||||
|
||||
# Harden SSH
|
||||
mkdir -p /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d
|
||||
|
@ -26,6 +26,10 @@ unpriv(){
|
||||
}
|
||||
|
||||
#Compliance and updates
|
||||
sudo systemctl mask ctrl-alt-del.target
|
||||
sudo systemctl mask debug-shell.service
|
||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
||||
|
||||
sudo ua enable usg
|
||||
sudo apt update -y
|
||||
sudo apt full-upgrade -y
|
||||
@ -33,9 +37,6 @@ sudo apt install -y usg
|
||||
sudo apt autoremove -y
|
||||
sudo usg fix cis_level2_workstation
|
||||
|
||||
sudo systemctl mask ctrl-alt-del.target
|
||||
sudo systemctl mask debug-shell.service
|
||||
|
||||
# Make home directory private
|
||||
chmod 700 /home/*
|
||||
|
||||
|
@ -26,6 +26,10 @@ unpriv(){
|
||||
}
|
||||
|
||||
#Compliance and updates
|
||||
sudo systemctl mask ctrl-alt-del.target
|
||||
sudo systemctl mask debug-shell.service
|
||||
echo 'CtrlAltDelBurstAction=none' | sudo tee -a /etc/systemd/system.conf
|
||||
|
||||
sudo ua enable usg
|
||||
sudo apt update -y
|
||||
sudo apt full-upgrade -y
|
||||
@ -33,9 +37,6 @@ sudo apt install -y usg curl libpam-pwquality
|
||||
sudo apt autoremove -y
|
||||
sudo usg fix cis_level2_server
|
||||
|
||||
sudo systemctl mask ctrl-alt-del.target
|
||||
sudo systemctl mask debug-shell.service
|
||||
|
||||
# Make home directory private
|
||||
chmod 700 /home/*
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user