packages/security-tool
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add grub2 password for legacy

Browse Source 
(cherry picked from commit c3483fc79aade3dab9a3f8536645cd82ee1a6ef1)
This commit is contained in:
yueyuankun 2023-06-09 17:28:45 +08:00 committed by openeuler-sync-bot
parent 790afadd94
commit 3ed1068fc1
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
security-tool-add-grub2-password-for-legacy.patch Normal file
View File

@ -0,0 +1,25 @@
From 28be480fbcfe18f008948642493cbba612c8c685 Mon Sep 17 00:00:00 2001
From: yueyuankun <yueyuankun@kylinos.cn>
Date: Fri, 9 Jun 2023 17:17:17 +0800
Subject: [PATCH] add grub2 password for legacy
---
security-tool.sh | 2 ++
1 file changed, 2 insertions(+)
diff --git a/security-tool.sh b/security-tool.sh
index 0877081..5939f44 100644
--- a/security-tool.sh
+++ b/security-tool.sh
@@ -948,6 +948,8 @@ function fn_harden_grub2()
echo -e "cat <<EOF\nset superusers="root"\npassword_pbkdf2 root grub.pbkdf2.sha512.10000.5A45748D892672FDA02DD3B6F7AE390AC6E6D532A600D4AC477D25C7D087644697D8A0894DFED9D86DC2A27F4E01D925C46417A225FC099C12DBD3D7D49A7425.2BD2F5BF4907DCC389CC5D165DB85CC3E2C94C8F9A30B01DACAA9CD552B731BA1DD3B7CC2C765704D55B8CD962D2AEF19A753CBE9B8464E2B1EB39A3BB4EAB08\nEOF\n" >> /etc/grub.d/00_header
if [ -d /boot/efi/EFI/openEuler -a -d /sys/firmware/efi ]; then
grub2-mkconfig -o /boot/efi/EFI/openEuler/grub.cfg
+ else
+ grub2-mkconfig -o /boot/grub2/grub.cfg
fi
}
# Function Name: fn_harden_sysctl
--
2.33.0

9
security-tool.spec
View File

@ -2,7 +2,7 @@
Summary: openEuler Security Tool Summary: openEuler Security Tool
Name : security-tool Name : security-tool
Version: 2.0 Version: 2.0
Release: 1.87 Release: 1.88
Source0: https://gitee.com/openeuler/security-tool/repository/archive/v2.0.tar.gz Source0: https://gitee.com/openeuler/security-tool/repository/archive/v2.0.tar.gz
License: MulanPSL-2.0 License: MulanPSL-2.0
URL: https://gitee.com/openeuler/security-tool URL: https://gitee.com/openeuler/security-tool
@ -21,6 +21,7 @@ Patch3: fix-function-allow-rpm-q.patch
Patch4: add-secure-hostKey-algorithms.patch Patch4: add-secure-hostKey-algorithms.patch
Patch5: Do-not-hard-code-vendor-name-in-source-code.patch Patch5: Do-not-hard-code-vendor-name-in-source-code.patch
Patch6: sshd-delete-deprecated-option-RSAAuthentication-and-Rhost.patch Patch6: sshd-delete-deprecated-option-RSAAuthentication-and-Rhost.patch
Patch7: security-tool-add-grub2-password-for-legacy.patch
%description %description
%{vendor} Security Tool %{vendor} Security Tool
@ -126,6 +127,12 @@ fi
%attr(0500,root,root) %{_sbindir}/security-tool.sh %attr(0500,root,root) %{_sbindir}/security-tool.sh
%changelog %changelog
* Fri Jun 09 2023 yueyuankun <yueyuankun@kylinos.cn> - 2.0-1.88
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:security-tool-add-grub2-password-for-legacy.patch
* Tue Jan 10 2023 renmingshuai <renmingshuai@huawei.com> - 2.0-1.87 * Tue Jan 10 2023 renmingshuai <renmingshuai@huawei.com> - 2.0-1.87
- delete deprecated option RSAAuthentication and RhostsRSAAuthentication - delete deprecated option RSAAuthentication and RhostsRSAAuthentication