valentin/ocanary-setup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

removed user confirmation, sshd restart

Browse Source
This commit is contained in:
valentin 2021-11-10 12:08:27 +01:00
parent a8e2372d76
commit d9c5b06ab7
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ocanary-setup.sh
View File

@ -121,7 +121,8 @@ sudo semanage port -a -t ssh_port_t -p tcp 2222
# Change opencanaryd file type to a 'bin_t' type. Will ensure that the file type does not trisition to a confined domain # Change opencanaryd file type to a 'bin_t' type. Will ensure that the file type does not trisition to a confined domain
# Without this instruction, SELinux will block many actions # Without this instruction, SELinux will block many actions
echo "Adding rules for SELinux to let opencanaryd service run..." echo "Adding rules for SELinux to let opencanaryd service run..."
sudo chcon -t bin_t /var/lib/canary-env/bin/opencanaryd #sudo chcon -t bin_t /var/lib/canary-env/bin/opencanaryd
sudo semanage fcontext -a -t bin_t /var/lib/canary-env/bin/opencanaryd
echo "Setting SELinux to permisive - IMPORTANT - This action must be removed for production" echo "Setting SELinux to permisive - IMPORTANT - This action must be removed for production"
# ----- TODO Change this setting ----- # ----- TODO Change this setting -----
@ -132,7 +133,10 @@ echo "Setting SELinux to permisive - IMPORTANT - This action must be removed for
# Restart ssh-server # Restart ssh-server
read -p "Restart ssh server now ?" -r read -p "Restart ssh server now ?" -r
echo "" echo ""
if [[ $REPLY =~ ^[Yy]$ ]]
# - Don't ask user confirmation (run with ansible)
if [ true ]
#if [[ $REPLY =~ ^[Yy]$ ]]
then then
echo "SSH Server restarting..." echo "SSH Server restarting..."
sudo systemctl restart sshd.service sudo systemctl restart sshd.service