forked from axiom-team/astrXbian
better security create /etc/sudoers.d/fail2ban-client
This commit is contained in:
parent
ba472faa64
commit
df39059da3
|
@ -256,11 +256,7 @@ ipfs bootstrap add /ip6/fe80::208:a2ff:fe0c:20d8/tcp/4001/p2p/12D3KooWBYme2BsNUr
|
|||
ipfs config Addresses.Gateway "/ip4/127.0.0.1/tcp/8181"
|
||||
|
||||
# RESTRICT $USER NOPASSWD sudo to fail2ban-client ONLY
|
||||
#sudo cp /etc/sudoers /etc/sudoers.bak
|
||||
#sudo head -n -1 /etc/sudoers > /tmp/sudoers # REMOVE LINE install.sh ADDED before
|
||||
#sudo echo "$USER ALL=(ALL) NOPASSWD:/usr/bin/fail2ban-client" >> /tmp/sudoers
|
||||
#sudo chown root:root /tmp/sudoers
|
||||
#sudo mv /tmp/sudoers /etc/sudoers
|
||||
echo "$USER ALL=(ALL) NOPASSWD:/usr/bin/fail2ban-client" | (sudo su -c 'EDITOR="tee" visudo -f /etc/sudoers.d/fail2ban-client')
|
||||
|
||||
########################################################################
|
||||
# echo 'ONLY XBIAN REBOOT NOW...'
|
||||
|
|
|
@ -42,7 +42,7 @@ echo "Sécurisation DEFCON SUDOERS FAIL2BAN"
|
|||
|
||||
### MODIFIYING /etc/sudoers ###
|
||||
# DEFCON LEVEL < 5
|
||||
sudo echo "$USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
|
||||
# echo "$USER ALL=(ALL) NOPASSWD:ALL" | sudo EDITOR='tee -a' visudo
|
||||
# NODE activates fail2ban IN zen/ipfs_SWARM_refresh.sh
|
||||
|
||||
if [[ "$USER" == "xbian" ]]
|
||||
|
|
Loading…
Reference in New Issue