diff options
author | Gaming4JC <g4jc@openmailbox.org> | 2017-01-07 00:32:46 -0500 |
---|---|---|
committer | Gaming4JC <g4jc@openmailbox.org> | 2017-01-07 00:32:46 -0500 |
commit | d1925892f9d755b264f1594023458c229939b7fd (patch) | |
tree | b810b81558fef8803b01f2aa6d47f5967876313a | |
parent | 09ee61240a3feada31bf008f506df4917db8d34a (diff) | |
download | abslibre-d1925892f9d755b264f1594023458c229939b7fd.tar.gz abslibre-d1925892f9d755b264f1594023458c229939b7fd.tar.bz2 abslibre-d1925892f9d755b264f1594023458c229939b7fd.zip |
dhcpcd-hardened-script
-rw-r--r-- | nonprism/dhcpcd-hardened-script/PKGBUILD (renamed from nonprism/networkmanager-nonprism/PKGBUILD) | 10 | ||||
-rw-r--r-- | nonprism/dhcpcd-hardened-script/dhcp-hardened-script.service | 0 | ||||
-rw-r--r-- | nonprism/dhcpcd-hardened-script/dhcpcd_hardened.sh | 6 | ||||
-rw-r--r-- | nonprism/networkmanager-nonprism/30-nonprism.conf | 12 |
4 files changed, 11 insertions, 17 deletions
diff --git a/nonprism/networkmanager-nonprism/PKGBUILD b/nonprism/dhcpcd-hardened-script/PKGBUILD index 4b0dd38d4..a8467fbc5 100644 --- a/nonprism/networkmanager-nonprism/PKGBUILD +++ b/nonprism/dhcpcd-hardened-script/PKGBUILD @@ -1,16 +1,16 @@ # Maintainer: Luke R. <g4jc@openmailbox.org> GPG: rsa4096/3EAE8697 -pkgname=networkmanager-hardened-configs +pkgname=dhcpcd-hardened-script pkgver=0.1 pkgrel=1 -pkgdesc="Enables MAC protection on all interfaces." +pkgdesc="Removes Hostname and resets DUID to prevent DHCP leaks on the network" arch=(any) license=(GPL2) -depends=('networkmanager') -source=('30-nonprism.conf') +depends=('dhcpcd') +source=('dhcpcd_hardened.sh') sha512sums=('70e9e4faa87cf258f5d47ce56a7b7d439e0dd9e59ab7d2be2790fcc55342c05a321e4d7e06b8a0ae30ed2575b2a62843d167e93aba9de5cbb9e2034bce0a71ed') whirlpoolsums=('753e1931978c3168acf93a92f9d1050dec4ba4fb9bf6dc76280c6a6bfeef8f09cc371501e7d34d83c013a800155466135cf24159b06258cde60ae7c871d0fb5e') package() { - install -Dm644 30-nonprism.conf "$pkgdir"/usr/lib/NetworkManager/conf.d/30-nonprism.conf + install -Dm755 dhcpcd_hardened.sh "$pkgdir"/usr/lib/dhcpcd/dhcpcd_hardened.sh } diff --git a/nonprism/dhcpcd-hardened-script/dhcp-hardened-script.service b/nonprism/dhcpcd-hardened-script/dhcp-hardened-script.service new file mode 100644 index 000000000..e69de29bb --- /dev/null +++ b/nonprism/dhcpcd-hardened-script/dhcp-hardened-script.service diff --git a/nonprism/dhcpcd-hardened-script/dhcpcd_hardened.sh b/nonprism/dhcpcd-hardened-script/dhcpcd_hardened.sh new file mode 100644 index 000000000..82f1b4dd0 --- /dev/null +++ b/nonprism/dhcpcd-hardened-script/dhcpcd_hardened.sh @@ -0,0 +1,6 @@ +#!/bin/sh +# This script wipes hostname and DUID so that DHCP can't send it over the network +hostnamectl set-hostname localhost +sed -i '/127.0.0.1/c\127.0.0.1 localhost.localdomain localhost 'localhost'' /etc/hosts ##properly sets our new host in /etc/hosts file +hostname localhost ##avoids need to reboot before showing our new hostname in terminals etc. +rm -rf /etc/dhcpcd.duid # Delete DUID diff --git a/nonprism/networkmanager-nonprism/30-nonprism.conf b/nonprism/networkmanager-nonprism/30-nonprism.conf deleted file mode 100644 index 01b4883d5..000000000 --- a/nonprism/networkmanager-nonprism/30-nonprism.conf +++ /dev/null @@ -1,12 +0,0 @@ -# Non-Prism Hardened configuration file for NetworkManager -# https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ -# https://fedoraproject.org/wiki/Tools/NetworkManager/IPv6 -[device-mac-randomization] -wifi.scan-rand-mac-address=yes - -[connection-mac-randomization] -ethernet.cloned-mac-address=random -wifi.cloned-mac-address=random - -[ipv6] -ip6-privacy=2
\ No newline at end of file |