forked from axiom-team/astrXbian
better security create /etc/sudoers.d/fail2ban-client
This commit is contained in:
parent
ba472faa64
commit
df39059da3
|
@ -256,11 +256,7 @@ ipfs bootstrap add /ip6/fe80::208:a2ff:fe0c:20d8/tcp/4001/p2p/12D3KooWBYme2BsNUr
|
||||||
ipfs config Addresses.Gateway "/ip4/127.0.0.1/tcp/8181"
|
ipfs config Addresses.Gateway "/ip4/127.0.0.1/tcp/8181"
|
||||||
|
|
||||||
# RESTRICT $USER NOPASSWD sudo to fail2ban-client ONLY
|
# RESTRICT $USER NOPASSWD sudo to fail2ban-client ONLY
|
||||||
#sudo cp /etc/sudoers /etc/sudoers.bak
|
echo "$USER ALL=(ALL) NOPASSWD:/usr/bin/fail2ban-client" | (sudo su -c 'EDITOR="tee" visudo -f /etc/sudoers.d/fail2ban-client')
|
||||||
#sudo head -n -1 /etc/sudoers > /tmp/sudoers # REMOVE LINE install.sh ADDED before
|
|
||||||
#sudo echo "$USER ALL=(ALL) NOPASSWD:/usr/bin/fail2ban-client" >> /tmp/sudoers
|
|
||||||
#sudo chown root:root /tmp/sudoers
|
|
||||||
#sudo mv /tmp/sudoers /etc/sudoers
|
|
||||||
|
|
||||||
########################################################################
|
########################################################################
|
||||||
# echo 'ONLY XBIAN REBOOT NOW...'
|
# echo 'ONLY XBIAN REBOOT NOW...'
|
||||||
|
|
|
@ -42,7 +42,7 @@ echo "Sécurisation DEFCON SUDOERS FAIL2BAN"
|
||||||
|
|
||||||
### MODIFIYING /etc/sudoers ###
|
### MODIFIYING /etc/sudoers ###
|
||||||
# DEFCON LEVEL < 5
|
# DEFCON LEVEL < 5
|
||||||
sudo echo "$USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
|
# echo "$USER ALL=(ALL) NOPASSWD:ALL" | sudo EDITOR='tee -a' visudo
|
||||||
# NODE activates fail2ban IN zen/ipfs_SWARM_refresh.sh
|
# NODE activates fail2ban IN zen/ipfs_SWARM_refresh.sh
|
||||||
|
|
||||||
if [[ "$USER" == "xbian" ]]
|
if [[ "$USER" == "xbian" ]]
|
||||||
|
|
Loading…
Reference in New Issue