telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

prevent cockpit root login

Browse Source
This commit is contained in:
t3chn0m4g3
2019-02-19 10:01:38 +01:00
parent 39ac35935b
commit 8fc5f4a418
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
iso/installer/install.sh
View File

@ -670,6 +670,9 @@ sed -i 's#ListenStream=9090#ListenStream=64294#' /lib/systemd/system/cockpit.soc
sed -i '/^port/Id' /etc/ssh/sshd_config sed -i '/^port/Id' /etc/ssh/sshd_config
echo "Port 64295" >> /etc/ssh/sshd_config echo "Port 64295" >> /etc/ssh/sshd_config
# Do not allow root login for cockpit
sed -i '2i\auth requisite pam_succeed_if.so uid >= 1000' /etc/pam.d/cockpit
# Let's make sure only myCONF_TPOT_FLAVOR images will be downloaded and started # Let's make sure only myCONF_TPOT_FLAVOR images will be downloaded and started
case $myCONF_TPOT_FLAVOR in case $myCONF_TPOT_FLAVOR in
STANDARD) STANDARD)