mirror of
https://github.com/tommytran732/QubesOS-Scripts
synced 2024-11-08 11:51:34 -05:00
Add hardened_malloc to Fedora
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
49c7b038d3
commit
a5c22bbff2
@ -45,3 +45,10 @@ sysctl -p
|
|||||||
# Harden SSH
|
# Harden SSH
|
||||||
curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | tee /etc/ssh/ssh_config.d/10-custom.conf
|
curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/ssh/ssh_config.d/10-custom.conf | tee /etc/ssh/ssh_config.d/10-custom.conf
|
||||||
chmod 644 /etc/ssh/ssh_config.d/10-custom.conf
|
chmod 644 /etc/ssh/ssh_config.d/10-custom.conf
|
||||||
|
|
||||||
|
# Setup hardened_malloc
|
||||||
|
dnf install 'https://divested.dev/rpm/fedora/divested-release-20231210-2.noarch.rpm' -y
|
||||||
|
sed -i 's/^metalink=.*/&?protocol=https/g' /etc/yum.repos.d/divested-release.repo
|
||||||
|
dnf config-manager --save --setopt=divested.includepkgs=divested-release,real-ucode,microcode_ctl,amd-ucode-firmware,hardened_malloc
|
||||||
|
dnf install hardened_malloc -y
|
||||||
|
echo 'libhardened_malloc.so' | sudo tee /etc/ld.so.preload
|
@ -126,6 +126,13 @@ unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/Tomm
|
|||||||
sudo mkdir -p /etc/systemd/system/ModemManager.service.d
|
sudo mkdir -p /etc/systemd/system/ModemManager.service.d
|
||||||
curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/divestedcg/Brace/master/brace/usr/lib/systemd/system/ModemManager.service.d/99-brace.conf | sudo tee /etc/systemd/system/ModemManager.service.d/99-brace.conf
|
curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/divestedcg/Brace/master/brace/usr/lib/systemd/system/ModemManager.service.d/99-brace.conf | sudo tee /etc/systemd/system/ModemManager.service.d/99-brace.conf
|
||||||
|
|
||||||
|
# Setup hardened_malloc
|
||||||
|
sudo dnf install 'https://divested.dev/rpm/fedora/divested-release-20231210-2.noarch.rpm' -y
|
||||||
|
sudo sed -i 's/^metalink=.*/&?protocol=https/g' /etc/yum.repos.d/divested-release.repo
|
||||||
|
sudo dnf config-manager --save --setopt=divested.includepkgs=divested-release,real-ucode,microcode_ctl,amd-ucode-firmware,hardened_malloc
|
||||||
|
sudo dnf install hardened_malloc -y
|
||||||
|
echo 'libhardened_malloc.so' | sudo tee /etc/ld.so.preload
|
||||||
|
|
||||||
# Setup networking
|
# Setup networking
|
||||||
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/NetworkManager/conf.d/00-macrandomize.conf | sudo tee /etc/NetworkManager/conf.d/00-macrandomize.conf
|
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/NetworkManager/conf.d/00-macrandomize.conf | sudo tee /etc/NetworkManager/conf.d/00-macrandomize.conf
|
||||||
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/NetworkManager/conf.d/01-transient-hostname.conf | sudo tee /etc/NetworkManager/conf.d/01-transient-hostname.conf
|
unpriv curl --proxy http://127.0.0.1:8082 https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main/etc/NetworkManager/conf.d/01-transient-hostname.conf | sudo tee /etc/NetworkManager/conf.d/01-transient-hostname.conf
|
||||||
|
Loading…
Reference in New Issue
Block a user