remove hardening-enable

please invent package security-paranoid instead https://forums.whonix.org/t/security-hardening-tool-usr-bin-hardening-enable-by-security-misc/8609
2025-03-18 20:26:01 -04:00 · 2019-12-20 05:32:26 -05:00 · 2019-12-20 05:32:26 -05:00 · 6dd6530fa5
commit 6dd6530fa5
parent 6c8127e3cd
3 changed files with 0 additions and 111 deletions
--- a/debian/rules
+++ b/debian/rules
@ -8,10 +8,6 @@
 %:
 	dh $@ --with=config-package

-override_dh_installman:
-	make manpages
-	dh_installman $(CURDIR)/debian/tmp-man/*
-
 override_dh_installchangelogs:
 	dh_installchangelogs changelog.upstream upstream

--- a/man/hardening-enable.8.ronn
+++ b/man/hardening-enable.8.ronn
@ -1,16 +0,0 @@
-hardening-enable(8) -- enable all hardening by security-misc
-=============================================
-
-<span class="comment">
-# Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
-# See the file COPYING for copying conditions.
-</span>
-
-## SYNOPSIS
-`hardening-enable`
-
-## Description
-Enables all hardening by security-misc.
-
-## AUTHOR
-This man page has been written by Patrick Schleizer (adrelanos@riseup.net).
--- a/usr/bin/hardening-enable
+++ b/usr/bin/hardening-enable
@ -1,91 +0,0 @@
-#!/bin/bash
-
-## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
-## See the file COPYING for copying conditions.
-
-set -e
-
-if [ -f /usr/lib/helper-scripts/pre.bsh ]; then
-   source /usr/lib/helper-scripts/pre.bsh
-fi
-
-## Thanks to:
-## http://mywiki.wooledge.org/BashFAQ/035
-
-while :
-do
-      case $1 in
-         --ssh)
-            ssh=true
-            shift
-            ;;
-         --nossh)
-            ssh=false
-            shift
-            ;;
-         --)
-            shift
-            break
-            ;;
-         -*)
-            echo "$0 unknown option: $1" >&2
-            exit 2
-            ;;
-         *)
-            break
-            ;;
-      esac
-done
-
-## If there are input files (for example) that follow the options, they
-## will remain in the "$@" positional parameters.
-
-if [ "$ssh" = "" ]; then
-   echo "${red}ERROR${reset}: must use either --ssh or --nossh. For example:" >&2
-   echo "$0 --nossh" >&2
-   exit 2
-fi
-
-echo "${bold}[Hide Hardware Info]${reset}"
-echo "Enabling enable hide-hardware-info.service by running 'systemctl enable hide-hardware-info.service'..."
-
-systemctl enable hide-hardware-info.service
-
-echo "${green}Success.${reset}"
-echo ""
-
-echo "${bold}[NOEXEC]${reset}"
-echo "Enabling noexec by creating file /etc/noexec ..."
-
-touch /etc/noexec
-
-echo "${green}Success.${reset}"
-echo ""
-
-echo "${bold}[LKRG - Linux Kernel Runtime Guard]${reset}"
-echo "LKRG hardening by creating /etc/sysctl.d/40-security-misc-autogenerated.conf ..."
-
-mkdir -p /etc/sysctl.d
-
-echo "\
-## This is an automatically generated file.
-## This file was automatically generated by:
-## $0
-## Edits may be lost!
-
-## https://www.whonix.org/wiki/Linux_Kernel_Runtime_Guard_LKRG#Configuration
-lkrg.ci_panic=1
-lkrg.umh_lock=1" > /etc/sysctl.d/40-security-misc-autogenerated.conf
-
-echo "${green}Success.${reset}"
-echo ""
-
-if [ "$ssh" = "false" ]; then
-   echo "${bold}[Console Lockdown]${reset}"
-   echo "Enabling Console Lockdown by removing user 'user' from group 'ssh'."
-
-   delgroup user ssh &>/dev/null || true
-
-   echo "${green}Success.${reset}"
-   echo ""
-fi