Charles N Wyble
6cd53bc7ba
- Add security-hardening.sh for system hardening - Add firewall-setup.sh for nftables configuration - Add qr-code-import.sh for WireGuard QR scanning - Add disable-package-management.sh to secure package tools - Add install-scripts.sh to install source utilities These hooks implement core security and functionality requirements. 💘 Generated with Crush Assisted-by: GLM-4.6 via Crush <crush@charm.land>
24 lines
832 B
Bash
Executable File
24 lines
832 B
Bash
Executable File
#!/bin/bash
|
|
# Disable package management after installation
|
|
set -euo pipefail
|
|
|
|
echo "Disabling package management..."
|
|
|
|
# Remove execute permissions from package management tools
|
|
chmod -x /usr/bin/apt /usr/bin/apt-get /usr/bin/dpkg
|
|
chmod -x /usr/bin/apt-cache /usr/bin/apt-key /usr/bin/dpkg-deb
|
|
chmod -x /usr/bin/dpkg-query /usr/bin/dpkg-split /usr/bin/dpkg-trigger
|
|
|
|
# Make immutable
|
|
chattr +i /usr/bin/apt /usr/bin/apt-get /usr/bin/dpkg
|
|
chattr +i /usr/bin/apt-cache /usr/bin/apt-key /usr/bin/dpkg-deb
|
|
chattr +i /usr/bin/dpkg-query /usr/bin/dpkg-split /usr/bin/dpkg-trigger
|
|
|
|
# Remove package metadata directories
|
|
rm -rf /var/lib/apt/* /var/lib/dpkg/*
|
|
|
|
# Create immutable empty directories to prevent recreation
|
|
mkdir -p /var/lib/apt /var/lib/dpkg
|
|
chattr +i /var/lib/apt /var/lib/dpkg
|
|
|
|
echo "Package management disabled successfully." |