V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 2m15s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 2m15s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -220,7 +220,7 @@ bantime.overalljails = true
|
|||||||
bantime.rndtime = 877s
|
bantime.rndtime = 877s
|
||||||
filter = sshd
|
filter = sshd
|
||||||
findtime = 16m
|
findtime = 16m
|
||||||
mode = aggressive
|
mode = normal
|
||||||
port = ${VAR_SSH_PORT}
|
port = ${VAR_SSH_PORT}
|
||||||
protocol = tcp
|
protocol = tcp
|
||||||
maxretry = 4
|
maxretry = 4
|
||||||
|
|||||||
@@ -402,6 +402,8 @@ EOF
|
|||||||
|
|
||||||
[[ "${var_2fa_tty}" == "true" ]] && write_ciss_2fa_user "${var_username}" "login" "on" "${var_target}"
|
[[ "${var_2fa_tty}" == "true" ]] && write_ciss_2fa_user "${var_username}" "login" "on" "${var_target}"
|
||||||
|
|
||||||
|
write_ciss_2fa_user "${var_username}" "su" "on" "${var_target}"
|
||||||
|
|
||||||
write_ciss_2fa_user "${var_username}" "sudo" "on" "${var_target}"
|
write_ciss_2fa_user "${var_username}" "sudo" "on" "${var_target}"
|
||||||
|
|
||||||
fi
|
fi
|
||||||
@@ -748,12 +750,9 @@ write_ciss_2fa_user() {
|
|||||||
declare -r var_ciss_2fa_map="${var_target}/etc/ciss/2fa.map"
|
declare -r var_ciss_2fa_map="${var_target}/etc/ciss/2fa.map"
|
||||||
declare -r var_map_file="${var_ciss_2fa_map}"
|
declare -r var_map_file="${var_ciss_2fa_map}"
|
||||||
declare -r var_tmp_file="${var_map_file}.tmp.$$"
|
declare -r var_tmp_file="${var_map_file}.tmp.$$"
|
||||||
declare -r var_umask=$(umask)
|
|
||||||
declare -i col_idx="" found="0" status=""
|
declare -i col_idx="" found="0" status=""
|
||||||
declare line=""
|
declare line=""
|
||||||
|
|
||||||
umask 0077
|
|
||||||
|
|
||||||
# shellcheck disable=SC2249
|
# shellcheck disable=SC2249
|
||||||
case "${var_s,,}" in
|
case "${var_s,,}" in
|
||||||
on|1|yes|true) status="1" ;;
|
on|1|yes|true) status="1" ;;
|
||||||
@@ -846,11 +845,10 @@ write_ciss_2fa_user() {
|
|||||||
if [[ -e "${var_tmp_file}" ]]; then
|
if [[ -e "${var_tmp_file}" ]]; then
|
||||||
|
|
||||||
mv -f -- "${var_tmp_file}" "${var_map_file}" || rm -f -- "${var_tmp_file}"
|
mv -f -- "${var_tmp_file}" "${var_map_file}" || rm -f -- "${var_tmp_file}"
|
||||||
|
chmod 0644 "${var_map_file}"
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
umask "${var_umask}"
|
|
||||||
|
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
### Prevents accidental 'unset -f'.
|
### Prevents accidental 'unset -f'.
|
||||||
|
|||||||
@@ -82,7 +82,7 @@ TTYPERM 0600
|
|||||||
#
|
#
|
||||||
ERASECHAR 0177
|
ERASECHAR 0177
|
||||||
KILLCHAR 025
|
KILLCHAR 025
|
||||||
UMASK 0077
|
UMASK 077
|
||||||
|
|
||||||
# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new
|
# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new
|
||||||
# home directories.
|
# home directories.
|
||||||
|
|||||||
@@ -12,6 +12,8 @@
|
|||||||
|
|
||||||
guard_sourcing
|
guard_sourcing
|
||||||
|
|
||||||
|
[[ -f /root/ciss-debian-live-builder.env ]] && . /root/ciss-debian-live-builder.env
|
||||||
|
|
||||||
### Definition of MUST set global variables.
|
### Definition of MUST set global variables.
|
||||||
# shellcheck disable=SC2155
|
# shellcheck disable=SC2155
|
||||||
declare -grx VAR_KERNEL_INF=$(mktemp var_kernel_inf.XXXXXXXX)
|
declare -grx VAR_KERNEL_INF=$(mktemp var_kernel_inf.XXXXXXXX)
|
||||||
|
|||||||
Reference in New Issue
Block a user