Hi,
thank you for you work.
this script looks really promising.
sadly with my test setup i could not make it work with the parameter described in --help .
$ sudo ./fortress_improved.sh --disable ssh_hardening,audit,boot_security,firewall,password_policy,ssh_hardening -l paranoid
$ sudo ./fortress_improved.sh -l paranoid -x ssh_hardening,audit,boot_security,firewall,password_policy,ssh_hardening
bot times it just ignored the parameter to disable modules and just installed all of them :(
luckily i have made snapshots before usage.
also i tried to change line 41 to
DISABLE_MODULES="audit,boot_security,firewall,password_policy,ssh_hardening
and just run the script that way also without success :(
with kind regards
//EDIT1:
i just tried:
sudo ./fortress_improved.sh -e apparmor,automatic_updates,fail2ban,filesystems,ntp,package_verification,packages,root_access,secure_shared_memory,sysctl,system_update,usb_protection
that also got completely ignored and just installed everything :(
//EDIT2:
even --generate-config shows only defaults.
and if the generated config is edited and applied via sudo ./fortress_improved.sh -c /tmp/fortress.conf it does not work and installs defaults :(
Hi,
thank you for you work.
this script looks really promising.
sadly with my test setup i could not make it work with the parameter described in
--help.bot times it just ignored the parameter to disable modules and just installed all of them :(
luckily i have made snapshots before usage.
also i tried to change line 41 to
and just run the script that way also without success :(
with kind regards
//EDIT1:
i just tried:
that also got completely ignored and just installed everything :(
//EDIT2:
even
--generate-configshows only defaults.and if the generated config is edited and applied via
sudo ./fortress_improved.sh -c /tmp/fortress.confit does not work and installs defaults :(