1801,7 → 1801,6 |
## Fonction "gammu_smsd" ## |
## - Creation de la base de donnée Gammu ## |
## - Creation du fichier de config: gammu_smsd_conf ## |
## ## |
################################################################## |
gammu_smsd() |
{ |
1867,10 → 1866,9 |
|
################################################################## |
## Fonction "msec" ## |
## - Application du niveau de sécurité fileserver ## |
## - Désactiver l'autorisation de redémarrage ## |
## - forcer les permissions sur les configurations ## |
## - forcer les permissions sur les log ## |
## - Apply the "fileserver" security level ## |
## - remove the "system request" for rebboting ## |
## - Fix several file permissions ## |
################################################################## |
msec() |
{ |
1880,8 → 1878,7 |
# Disable Magic SysReq Keys |
$SED "s?^ALLOW_REBOOT=.*?ALLOW_REBOOT=no?g" /etc/security/msec/level.fileserver |
|
|
# Configure permissions monitoring and enforcement |
# Set permissions monitoring and enforcement |
cat <<EOF > /etc/security/msec/perm.local |
/var/log/firefwall/ root.apache 750 |
/var/log/firewall/* root.apache 640 |
1902,9 → 1899,8 |
/etc/pki/* root.apache 750 |
/var/log/netflow/porttracker apache.apache 770 |
/var/log/netflow/porttracker/* apache.apache 770 |
|
EOF |
|
# apply now |
/usr/sbin/msec |
|
} # END msec() |
2025,8 → 2021,6 |
echo "net.ipv6.conf.all.autoconf = 0" >> /etc/sysctl.d/alcasar.conf |
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.d/alcasar.conf |
echo "net.ipv6.conf.default.autoconf = 0" >> /etc/sysctl.d/alcasar.conf |
# remove Magic SysReq Keys |
[ -e /etc/sysctl.d/51-alt-sysrq.conf ] && rm /etc/sysctl.d/51-alt-sysrq.conf |
# switch to multi-users runlevel (instead of x11) |
ln -sf /lib/systemd/system/multi-user.target /etc/systemd/system/default.target |
# GRUB modifications (only one time) |