description

This commit is contained in:
Patrick Schleizer 2019-07-31 07:29:42 +00:00
parent c921872016
commit 404f597c0a
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
2 changed files with 7 additions and 0 deletions

5
debian/control vendored
View File

@ -109,6 +109,11 @@ Description: enhances misc security settings
from using su to gain root access or switch user accounts.
/usr/share/pam-configs/security-misc
(Which results in a change in /etc/pam.d/common-auth.)
.
* Add user `root` to group `sudo`.
.
* Lock user accounts after 5 failed login attempts using pam_tally2.
/usr/share/pam-configs/security-misc
.
* Logging into the root account from a virtual, serial, whatnot console is
prevented by shipping an existing and empty /etc/securetty.

View File

@ -55,6 +55,8 @@ case "$1" in
;;
esac
addgroup root sudo
pam-auth-update --package
home_folder_access_rights_lockdown