Lightemerald/linux-scripts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix MOR-bit

Browse Source
This commit is contained in:
Lightemerald
2025-12-13 19:08:26 +01:00
parent 34e71d2797
commit 3baa6a0fd2
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
arch-hardening.sh
View File

@@ -280,7 +280,7 @@ sudo systemctl enable --now rngd
#sudo systemctl enable --now haveged
# [CRYP-8006] Ensure MemoryOverwriteRequest-bit set
sudo tee /usr/lib/systemd/system-shutdown/mor-bit-wipe.sh > /dev/null <<'EOL'
sudo tee /usr/lib/systemd/system-shutdown/mor-bit-wipe.shutdown > /dev/null <<'EOL'
#!/bin/bash
# Path to the MemoryOverwriteRequestControl UEFI variable
@@ -301,7 +301,7 @@ fi
exit 0
EOL
sudo chmod +x /usr/lib/systemd/system-shutdown/mor-bit-wipe.sh
sudo chmod 755 /usr/lib/systemd/system-shutdown/mor-bit-wipe.shutdown
# [AUTH-9230] Ensure password hashing algorithm is set to YESCRYPT and hashing rounds to minimum of 5000 and maximum of 5000000
sudo sed -i 's/^ENCRYPT_METHOD .*/ENCRYPT_METHOD YESCRYPT/' /etc/login.defs