refactoring

debian/security-misc.preinst

@@ -15,6 +15,7 @@ true "
 #####################################################################
 "
 
+user_groups_modifications() {
    ## /usr/lib/security-misc/hide-hardware-info
    addgroup --system sysfs
    addgroup --system cpuinfo
@@ -36,6 +37,7 @@ addgroup --system ssh
    ## block for this to be still blocked by console lockdown. See also:
    ## https://www.whonix.org/wiki/Root#Root_Login
    addgroup root console
+}
 
 sudo_users_check () {
    if command -v "qubesdb-read" &>/dev/null; then
@@ -162,6 +164,8 @@ ssh_users_check() {
    fi
 }
 
+user_groups_modifications
+
 if [ "$1" = "install" ] || [ "$1" = "upgrade" ]; then
    sudo_users_check
    console_users_check