kneesox/easy-arch
1
0
Fork 0
mirror of https://github.com/classy-giraffe/easy-arch.git synced 2025-11-17 19:40:55 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update easy-arch.sh

Browse source
This commit is contained in:
Tommaso Chiti 2021-05-10 08:11:38 +02:00 committed by GitHub
parent 67669fcda2
commit 71a00ba404
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

5
easy-arch.sh
View file

@ -175,10 +175,9 @@ EOF
echo "Configuring /etc/mkinitcpio.conf for LUKS hook." echo "Configuring /etc/mkinitcpio.conf for LUKS hook."
sed -i -e 's,modconf block filesystems keyboard,keyboard keymap modconf block encrypt filesystems,g' /mnt/etc/mkinitcpio.conf sed -i -e 's,modconf block filesystems keyboard,keyboard keymap modconf block encrypt filesystems,g' /mnt/etc/mkinitcpio.conf
# Setting up LUKS Keyfile, BTRFS Booting and encryption in GRUB and initramfs. # Setting up LUKS2 encryption and apparmor.
UUID=$(blkid $Cryptroot | cut -f2 -d'"') UUID=$(blkid $Cryptroot | cut -f2 -d'"')
sed -i "s,quiet,quiet cryptdevice=UUID=$UUID:cryptroot root=$BTRFS,g" /mnt/etc/default/grub sed -i "s,quiet,quiet cryptdevice=UUID=$UUID:cryptroot root=$BTRFS lsm=lockdown,yama,apparmor,bpf,g" /mnt/etc/default/grub
sed -i "s#root=/dev/mapper/cryptroot#root=/dev/mapper/cryptroot lsm=lockdown,yama,apparmor,bpf#g" /mnt/etc/default/grub
# Security kernel settings. # Security kernel settings.
echo "kernel.kptr_restrict = 2" > /mnt/etc/sysctl.d/51-kptr-restrict.conf echo "kernel.kptr_restrict = 2" > /mnt/etc/sysctl.d/51-kptr-restrict.conf