scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-14 17:15:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

add POSTINSTALL-README

Browse Source
This commit is contained in:
qoijjj
2024-01-06 17:01:44 -08:00
committed by GitHub
parent e85fd07756
commit dd7135761a
2 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
POSTINSTALL-README.md Normal file
View File

@@ -0,0 +1,19 @@
# secureblue
After rebasing to secureblue, the following steps are recommended.
## Set a GRUB password
*to be added*
## Create a separate wheel account for admin purposes
Creating a dedicated wheel user and removing wheel from your primary user helps prevent certain attack vectors:
https://www.kicksecure.com/wiki/Dev/Strong_Linux_User_Account_Isolation#LD_PRELOAD
https://www.kicksecure.com/wiki/Root#Prevent_Malware_from_Sniffing_the_Root_Password
1. ```adduser admin```
2. ```usermod -aG wheel admin```
3. ```gpasswd -d {your username here} wheel```
4. reboot

3
README.md
View File

@@ -154,6 +154,9 @@ To rebase an existing Silverblue/Kinoite installation to the latest build:
After installation, [yafti](https://github.com/ublue-os/yafti) will open. Make sure to follow the steps listed carefully and read the directions closely. After installation, [yafti](https://github.com/ublue-os/yafti) will open. Make sure to follow the steps listed carefully and read the directions closely.
Have a look at [POSTINSTALL-README](POSTINSTALL-README.md).
#### Kargs #### Kargs
To append kernel boot parameters that apply additional hardening (reboot required): To append kernel boot parameters that apply additional hardening (reboot required):