Git-Mirrors/Qubes-VM-hardening
1
0
Fork 0
mirror of https://github.com/tasket/Qubes-VM-hardening.git synced 2025-09-20 12:44:44 -04:00
Code Issues Projects Releases Packages Wiki Activity

add protection to home/.config/systemd

Browse source
This commit is contained in:
Christopher Laprise 2019-07-13 05:39:42 -04:00
parent c989b8bd4a
commit babfc9bbaa
No known key found for this signature in database
GPG key ID: 448568C8B281C952
3 changed files with 11 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

6
vm-boot-protect.sh
View file

@ -2,7 +2,7 @@
## Protect startup of Qubes VMs from /rw content ##
## https://github.com/tasket/Qubes-VM-hardening ##
## Copyright 2017-2018 Christopher Laprise ##
## Copyright 2017-2019 Christopher Laprise ##
## tasket@protonmail.com ##
# This file is part of Qubes-VM-hardening.
@ -28,7 +28,7 @@
chfiles=".bashrc .bash_profile .bash_login .bash_logout .profile \
.xprofile .xinitrc .xserverrc .xsession"
chdirs="bin .local/bin .config/autostart .config/plasma-workspace/env \
.config/plasma-workspace/shutdown .config/autostart-scripts"
.config/plasma-workspace/shutdown .config/autostart-scripts .config/systemd"
vmname=`qubesdb-read /name`
dev=/dev/xvdb
@ -36,7 +36,7 @@ rw=/mnt/rwtmp
rwbak=$rw/vm-boot-protect
errlog=/var/run/vm-protect-error
defdir=/etc/default/vms
version="0.8.2"
version="0.8.4"
# Function: Make user scripts immutable.