From 933c33553df03d3404811af24136407334be9a2c Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Thu, 22 Sep 2022 22:17:53 +0200 Subject: [PATCH] fix: adjust cron files and folder permissions --- scripts/20-rocky-9.sh | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/scripts/20-rocky-9.sh b/scripts/20-rocky-9.sh index 54a4cec..97712c8 100644 --- a/scripts/20-rocky-9.sh +++ b/scripts/20-rocky-9.sh @@ -1,13 +1,13 @@ #!/bin/bash set -eo pipefail -### Update system +### Updates system echo '> Update packages ...' dnf -yq update dnf -q clean all -## Adjust Grub config -echo '> Adjust Grub config ...' +## Sets Grub config +echo '> Set grub config ...' KERNEL_OPTIONS=( 'audit=1' 'audit_backlog_limit=8192' @@ -32,6 +32,16 @@ grubby --update-kernel=ALL --args="audit=1" grubby --update-kernel=ALL --args="audit_backlog_limit=8192" chmod 600 /boot/grub2/grub.cfg +### Sets cron permissions +echo '> Set cron permissions ...' +chmod 0700 /etc/cron.d +chmod 0700 /etc/cron.daily +chmod 0700 /etc/cron.hourly +chmod 0700 /etc/cron.monthly +chmod 0700 /etc/cron.weekly +chmod 0600 /etc/crontab +rm -rf /etc/cron.deny + ### Cleans all audit logs echo '> Cleaning all audit logs ...' if [ -f /var/log/audit/audit.log ]; then