From bfd83a9c4e09c4a17fceb1a1910bb9a5cf497438 Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Mon, 27 Jan 2025 07:12:15 -0700
Subject: [PATCH] Add NetworkManager hardening to sys-net

Signed-off-by: Tommy <contact@tommytran.io>
---
 fedora-minimal/sys-net.sh | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/fedora-minimal/sys-net.sh b/fedora-minimal/sys-net.sh
index ba594b1..fa6991f 100644
--- a/fedora-minimal/sys-net.sh
+++ b/fedora-minimal/sys-net.sh
@@ -45,6 +45,7 @@ download https://raw.githubusercontent.com/TommyTran732/Linux-Setup-Scripts/main
 sudo hostnamectl hostname 'localhost'
 sudo hostnamectl --transient hostname ''
 
-# This breaks saving network settings with the Fedora 40 template rn, so I am commenting it out.
-#sudo mkdir -p /etc/systemd/system/NetworkManager.service.d
-#download https://gitlab.com/divested/brace/-/raw/master/brace/usr/lib/systemd/system/NetworkManager.service.d/99-brace.conf /etc/systemd/system/NetworkManager.service.d/99-brace.conf
+sudo mkdir -p /etc/systemd/system/NetworkManager.service.d
+download https://gitlab.com/divested/brace/-/raw/master/brace/usr/lib/systemd/system/NetworkManager.service.d/99-brace.conf /etc/systemd/system/NetworkManager.service.d/99-brace.conf
+sudo sed -i 's@ReadOnlyPaths=/etc/NetworkManager@#ReadOnlyPaths=/etc/NetworkManager@' /etc/systemd/system/NetworkManager.service.d/99-brace.conf
+sudo sed -i 's@ReadWritePaths=-/etc/NetworkManager/system-connections@#ReadWritePaths=-/etc/NetworkManager/system-connections@' /etc/systemd/system/NetworkManager.service.d/99-brace.conf