msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 2m2s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-10-19 14:19:22 +01:00
parent 2cf85c772b
commit 5bbea53cf4
4 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.preseed/partitioning.yaml
View File

@@ -54,7 +54,7 @@ recipe:
table: "gpt" # MUST be "gpt" for "UEFI" || "msdos": table: "gpt" # MUST be "gpt" for "UEFI" || "msdos":
syntax: true # This is set to "false" by default, otherwise if the recipe is tested by the authors to "true". syntax: true # This is set to "false" by default, otherwise if the recipe is tested by the authors to "true".
### Version of the specific recipe. ### Version of the specific recipe.
version: "1.3.0" version: "1.3.2"
dev: dev:
sda: sda:
1: # MUST be always 'ESP' for [UEFI|GPT] or 'BIOS' for [BIOS|GPT]. 1: # MUST be always 'ESP' for [UEFI|GPT] or 'BIOS' for [BIOS|GPT].

6
func/cdi_4500_user/4510_accounts_hardening.sh
View File

@@ -45,9 +45,9 @@ accounts_hardening() {
### Preparing 2fa hardening. ### Preparing 2fa hardening.
install -d -m 0755 -o root -g root "${var_target}/etc/ciss" install -d -m 0755 -o root -g root "${var_target}/etc/ciss"
insert_header "${var_target}/etc/ciss/2fa.users" insert_header "${var_target}/etc/ciss/2fa.map"
insert_comments "${var_target}/etc/ciss/2fa.users" insert_comments "${var_target}/etc/ciss/2fa.map"
chmod 0600 "${var_target}/etc/ciss/2fa.users" chmod 0600 "${var_target}/etc/ciss/2fa.map"
### Keep 'tty1' active, disable the rest. ### Keep 'tty1' active, disable the rest.
# shellcheck disable=SC2016 # shellcheck disable=SC2016

2
func/cdi_4500_user/4520_accounts_setup.sh
View File

@@ -175,7 +175,7 @@ EOF
[[ "${user_root_authentication_2fa_ssh}" == "true" ]] && write_ciss_2fa_user "root" "sshd" "on" "${var_target}" [[ "${user_root_authentication_2fa_ssh}" == "true" ]] && write_ciss_2fa_user "root" "sshd" "on" "${var_target}"
[[ "${user_root_authentication_2fa_tty}" == "true" ]] && write_ciss_2fa_user "root" "login" "on" "${var_target}" [[ "${user_root_authentication_2fa_tty}" == "false" ]] && write_ciss_2fa_user "root" "login" "off" "${var_target}"
write_ciss_2fa_user "root" "su" "off" "${var_target}" write_ciss_2fa_user "root" "su" "off" "${var_target}"
write_ciss_2fa_user "root" "sudo" "off" "${var_target}" write_ciss_2fa_user "root" "sudo" "off" "${var_target}"

2
func/cdi_4500_user/4521_accounts_setup_ciss.sh
View File

@@ -115,7 +115,7 @@ accounts_setup_ciss_user() {
zsh_omz_installer "${var_username}" "${var_target}" zsh_omz_installer "${var_username}" "${var_target}"
mv "${var_target}/home/${var_username}/.zshrc" "${var_target}/home/${var_username}/.zshrc.bak" mv "${var_target}/home/${var_username}/.zshrc" "${var_target}/home/${var_username}/.zshrc.bak"
install -m 0600 -o "${var_uid}" -g "${var_gid}" "${VAR_SETUP_PATH}/includes/target/etc/skel/.zshrc" "${var_target}/home/${var_username}" install -m 0600 -o "${var_uid}" -g "${var_gid}" "${VAR_SETUP_PATH}/includes/target/etc/skel/.ciss.zshrc" "${var_target}/home/${var_username}"
chroot_exec "${var_target}" chsh -s "${var_shell}" "${var_username}" chroot_exec "${var_target}" chsh -s "${var_shell}" "${var_username}"
do_log "info" "file_only" "4520() Shell: '${var_shell}' used for: '${var_username}'." do_log "info" "file_only" "4520() Shell: '${var_shell}' used for: '${var_username}'."