summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGaming4JC <g4jc@openmailbox.org>2017-01-07 00:32:46 -0500
committerGaming4JC <g4jc@openmailbox.org>2017-01-07 00:32:46 -0500
commitd1925892f9d755b264f1594023458c229939b7fd (patch)
treeb810b81558fef8803b01f2aa6d47f5967876313a
parent09ee61240a3feada31bf008f506df4917db8d34a (diff)
downloadabslibre-d1925892f9d755b264f1594023458c229939b7fd.tar.gz
abslibre-d1925892f9d755b264f1594023458c229939b7fd.tar.bz2
abslibre-d1925892f9d755b264f1594023458c229939b7fd.zip
dhcpcd-hardened-script
-rw-r--r--nonprism/dhcpcd-hardened-script/PKGBUILD (renamed from nonprism/networkmanager-nonprism/PKGBUILD)10
-rw-r--r--nonprism/dhcpcd-hardened-script/dhcp-hardened-script.service0
-rw-r--r--nonprism/dhcpcd-hardened-script/dhcpcd_hardened.sh6
-rw-r--r--nonprism/networkmanager-nonprism/30-nonprism.conf12
4 files changed, 11 insertions, 17 deletions
diff --git a/nonprism/networkmanager-nonprism/PKGBUILD b/nonprism/dhcpcd-hardened-script/PKGBUILD
index 4b0dd38d4..a8467fbc5 100644
--- a/nonprism/networkmanager-nonprism/PKGBUILD
+++ b/nonprism/dhcpcd-hardened-script/PKGBUILD
@@ -1,16 +1,16 @@
# Maintainer: Luke R. <g4jc@openmailbox.org> GPG: rsa4096/3EAE8697
-pkgname=networkmanager-hardened-configs
+pkgname=dhcpcd-hardened-script
pkgver=0.1
pkgrel=1
-pkgdesc="Enables MAC protection on all interfaces."
+pkgdesc="Removes Hostname and resets DUID to prevent DHCP leaks on the network"
arch=(any)
license=(GPL2)
-depends=('networkmanager')
-source=('30-nonprism.conf')
+depends=('dhcpcd')
+source=('dhcpcd_hardened.sh')
sha512sums=('70e9e4faa87cf258f5d47ce56a7b7d439e0dd9e59ab7d2be2790fcc55342c05a321e4d7e06b8a0ae30ed2575b2a62843d167e93aba9de5cbb9e2034bce0a71ed')
whirlpoolsums=('753e1931978c3168acf93a92f9d1050dec4ba4fb9bf6dc76280c6a6bfeef8f09cc371501e7d34d83c013a800155466135cf24159b06258cde60ae7c871d0fb5e')
package() {
- install -Dm644 30-nonprism.conf "$pkgdir"/usr/lib/NetworkManager/conf.d/30-nonprism.conf
+ install -Dm755 dhcpcd_hardened.sh "$pkgdir"/usr/lib/dhcpcd/dhcpcd_hardened.sh
}
diff --git a/nonprism/dhcpcd-hardened-script/dhcp-hardened-script.service b/nonprism/dhcpcd-hardened-script/dhcp-hardened-script.service
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/nonprism/dhcpcd-hardened-script/dhcp-hardened-script.service
diff --git a/nonprism/dhcpcd-hardened-script/dhcpcd_hardened.sh b/nonprism/dhcpcd-hardened-script/dhcpcd_hardened.sh
new file mode 100644
index 000000000..82f1b4dd0
--- /dev/null
+++ b/nonprism/dhcpcd-hardened-script/dhcpcd_hardened.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+# This script wipes hostname and DUID so that DHCP can't send it over the network
+hostnamectl set-hostname localhost
+sed -i '/127.0.0.1/c\127.0.0.1 localhost.localdomain localhost 'localhost'' /etc/hosts ##properly sets our new host in /etc/hosts file
+hostname localhost ##avoids need to reboot before showing our new hostname in terminals etc.
+rm -rf /etc/dhcpcd.duid # Delete DUID
diff --git a/nonprism/networkmanager-nonprism/30-nonprism.conf b/nonprism/networkmanager-nonprism/30-nonprism.conf
deleted file mode 100644
index 01b4883d5..000000000
--- a/nonprism/networkmanager-nonprism/30-nonprism.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# Non-Prism Hardened configuration file for NetworkManager
-# https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/
-# https://fedoraproject.org/wiki/Tools/NetworkManager/IPv6
-[device-mac-randomization]
-wifi.scan-rand-mac-address=yes
-
-[connection-mac-randomization]
-ethernet.cloned-mac-address=random
-wifi.cloned-mac-address=random
-
-[ipv6]
-ip6-privacy=2 \ No newline at end of file