Qubes-VM-hardening/install

#!/bin/sh
set -e
[ `id -u` -eq 0 ] || exit

echo "Disabling the pre-release service (if present)..."
systemctl disable vm-sudo-protect.service || true

echo "Installing vm-boot-protect.service..."
cp vm-boot-protect.sh /usr/lib/qubes/init
chmod +x /usr/lib/qubes/init/vm-boot-protect.sh
cp vm-boot-protect.service /lib/systemd/system
systemctl daemon-reload
systemctl enable vm-boot-protect.service

echo "Adding defaults in /etc/default/vms..."
# Careful... ownership & mode are not preserved here!
cp -rnv default/vms/* /etc/default/vms

echo
echo "vm-boot-protect installed!"
Readme and add local dir 2018-02-20 17:40:29 -05:00			`#!/bin/sh`
Readme. Install defaults. 2018-04-03 10:53:15 -04:00			`set -e`
Readme and add local dir 2018-02-20 17:40:29 -05:00			[ `id -u` -eq 0 ] \|\| exit

echo quotes 2018-03-29 07:35:34 -04:00			`echo "Disabling the pre-release service (if present)..."`
Readme. Install defaults. 2018-04-03 10:53:15 -04:00			`systemctl disable vm-sudo-protect.service \|\| true`
bak dir path and issue 11 2018-03-29 07:22:22 -04:00
Readme. Install defaults. 2018-04-03 10:53:15 -04:00			`echo "Installing vm-boot-protect.service..."`
Service rename to vm-boot-protect 2018-03-29 02:57:06 -04:00			`cp vm-boot-protect.sh /usr/lib/qubes/init`
			`chmod +x /usr/lib/qubes/init/vm-boot-protect.sh`
			`cp vm-boot-protect.service /lib/systemd/system`
Readme and add local dir 2018-02-20 17:40:29 -05:00			`systemctl daemon-reload`
Service rename to vm-boot-protect 2018-03-29 02:57:06 -04:00			`systemctl enable vm-boot-protect.service`
Readme and add local dir 2018-02-20 17:40:29 -05:00
Readme. Install defaults. 2018-04-03 10:53:15 -04:00			`echo "Adding defaults in /etc/default/vms..."`
			`# Careful... ownership & mode are not preserved here!`
			`cp -rnv default/vms/* /etc/default/vms`

bak dir path and issue 11 2018-03-29 07:22:22 -04:00			`echo`
echo quotes 2018-03-29 07:35:34 -04:00			`echo "vm-boot-protect installed!"`
Readme and add local dir 2018-02-20 17:40:29 -05:00