football/config/hooks/live/security-hardening.sh
Charles N Wyble bed3b07b81 fix: correct security-hardening.sh hook function calls
- Fix function name: configure_ssh → configure_ssh_client (matches src/)
- Add missing configure_fim call for AIDE File Integrity Monitoring

These functions exist in src/security-hardening.sh but the hook was
calling the wrong name or missing the FIM call entirely.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-02-19 09:11:43 -05:00

37 lines
817 B
Bash
Executable File

#!/bin/bash
# Security hardening hook for live system

set -euo pipefail

echo "Applying security hardening..."

# Apply security hardening functions from proper volume path
# Note: Source path exists at build time in Docker container
# shellcheck disable=SC1091
source /build/src/security-hardening.sh

# Create WiFi module blacklist
create_wifi_blacklist

# Create Bluetooth module blacklist
create_bluetooth_blacklist

# Configure SSH client (client only - no server per security requirements)
configure_ssh_client

# Configure password policy
configure_password_policy

# Configure File Integrity Monitoring (AIDE)
configure_fim

# Configure system limits
configure_system_limits

# Configure audit rules
configure_audit_rules

# Enable auditd service
systemctl enable auditd

echo "Security hardening completed."
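
The commit message above describes two kinds of mismatch between the hook and the library it sources: a call to a name the library does not define, and a hardening function the hook never calls. The following preflight check is an added example, not code from this repository, and detects both. The helper names, the stub library and the "before" hook are constructed for illustration from the function names visible on this page.

```shell
#!/bin/sh
# Added example (not project code): preflight checks for a hardening hook.

# Print the bare create_*/configure_* calls in hook file $1, one per line.
hook_calls() {
    sed -nE 's/^[[:space:]]*((create|configure)_[a-z0-9_]+)[[:space:]]*$/\1/p' "$1"
}

# Print each name in $2.. that is NOT a shell function after sourcing library $1.
# Runs in a subshell so the library cannot alter the caller. Sourcing executes
# any top-level statements in the library, exactly as the hook itself would.
missing_functions() (
    lib=$1; shift
    [ -r "$lib" ] || { echo "cannot read $lib" >&2; exit 2; }
    . "$lib" >/dev/null
    for fn in "$@"; do
        case "$(LC_ALL=C type "$fn" 2>/dev/null)" in
            "$fn is a function"*|"$fn is a shell function"*) ;;
            *) printf '%s\n' "$fn" ;;
        esac
    done
)

# Print each required name in $2.. that hook file $1 never calls.
uncalled_functions() {
    hook=$1; shift
    for fn in "$@"; do
        hook_calls "$hook" | grep -Fx "$fn" >/dev/null || printf '%s\n' "$fn"
    done
}

# Function names taken from the hook shown on this page.
REQUIRED="create_wifi_blacklist create_bluetooth_blacklist configure_ssh_client
configure_password_policy configure_fim configure_system_limits configure_audit_rules"

# Constructed sample data: a stub library defining the required functions, and
# a "before" hook with the wrong SSH name and no FIM call (per the commit message).
make_samples() {
    for fn in $REQUIRED; do printf '%s() { :; }\n' "$fn"; done > "$1/lib.sh"
    printf '%s\n' '#!/bin/bash' create_wifi_blacklist create_bluetooth_blacklist \
        configure_ssh configure_password_policy configure_system_limits \
        configure_audit_rules > "$1/hook-before.sh"
}

demo=$(mktemp -d)
make_samples "$demo"
echo "undefined: $(missing_functions "$demo/lib.sh" $(hook_calls "$demo/hook-before.sh"))"
echo "uncalled:  $(uncalled_functions "$demo/hook-before.sh" $REQUIRED)"
```

The undefined-name case fails loudly under `set -e`, but the uncalled case is silent: the hook still prints "Security hardening completed." with no AIDE configuration applied, so only a required-list comparison catches it.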