V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

func/cdi_4500_user/4510_accounts_hardening.sh

@@ -45,9 +45,9 @@ accounts_hardening() {
 
   ### Preparing 2fa hardening.
   install -d -m 0755 -o root -g root "${var_target}/etc/ciss"
-  insert_header   "${var_target}/etc/ciss/2fa.users"
-  insert_comments "${var_target}/etc/ciss/2fa.users"
-  chmod 0600      "${var_target}/etc/ciss/2fa.users"
+  insert_header   "${var_target}/etc/ciss/2fa.map"
+  insert_comments "${var_target}/etc/ciss/2fa.map"
+  chmod 0600      "${var_target}/etc/ciss/2fa.map"
 
   ### Keep 'tty1' active, disable the rest.
   # shellcheck disable=SC2016

func/cdi_4500_user/4520_accounts_setup.sh

@@ -175,7 +175,7 @@ EOF
 
     [[ "${user_root_authentication_2fa_ssh}" == "true" ]] && write_ciss_2fa_user "root" "sshd" "on" "${var_target}"
 
-    [[ "${user_root_authentication_2fa_tty}" == "true" ]] && write_ciss_2fa_user "root" "login" "on" "${var_target}"
+    [[ "${user_root_authentication_2fa_tty}" == "false" ]] && write_ciss_2fa_user "root" "login" "off" "${var_target}"
 
     write_ciss_2fa_user "root" "su" "off" "${var_target}"
     write_ciss_2fa_user "root" "sudo" "off" "${var_target}"

func/cdi_4500_user/4521_accounts_setup_ciss.sh

@@ -115,7 +115,7 @@ accounts_setup_ciss_user() {
 
       zsh_omz_installer "${var_username}" "${var_target}"
       mv "${var_target}/home/${var_username}/.zshrc" "${var_target}/home/${var_username}/.zshrc.bak"
-      install -m 0600 -o "${var_uid}" -g "${var_gid}" "${VAR_SETUP_PATH}/includes/target/etc/skel/.zshrc" "${var_target}/home/${var_username}"
+      install -m 0600 -o "${var_uid}" -g "${var_gid}" "${VAR_SETUP_PATH}/includes/target/etc/skel/.ciss.zshrc" "${var_target}/home/${var_username}"
 
       chroot_exec "${var_target}" chsh -s "${var_shell}" "${var_username}"
       do_log "info" "file_only" "4520() Shell: '${var_shell}' used for: '${var_username}'."