mirror of
https://github.com/kuhyx/scripts.git
synced 2026-07-04 14:23:08 +02:00
feat: make etc hosts more restrictive
This commit is contained in:
parent
aff91d0c86
commit
05bbad7e5b
14
hosts/hosts
14
hosts/hosts
@ -25,13 +25,13 @@
|
||||
127.0.0.1 s.youtube.com
|
||||
127.0.0.1 googlevideo.com
|
||||
127.0.0.1 www.googlevideo.com
|
||||
0.0.0.0 discord.com
|
||||
0.0.0.0 www.discord.com
|
||||
0.0.0.0 discordapp.com
|
||||
0.0.0.0 www.discordapp.com
|
||||
0.0.0.0 cdn.discordapp.com
|
||||
0.0.0.0 cdn.discord.com
|
||||
0.0.0.0 media.discordapp.net
|
||||
# 0.0.0.0 discord.com
|
||||
# 0.0.0.0 www.discord.com
|
||||
# 0.0.0.0 discordapp.com
|
||||
# 0.0.0.0 www.discordapp.com
|
||||
# 0.0.0.0 cdn.discordapp.com
|
||||
# 0.0.0.0 cdn.discord.com
|
||||
# 0.0.0.0 media.discordapp.net
|
||||
# Block Minecraft download sites
|
||||
127.0.0.1 minecraft.net
|
||||
127.0.0.1 www.minecraft.net
|
||||
|
||||
@ -1,4 +1,24 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Enable systemd-resolved
|
||||
sudo systemctl enable systemd-resolved
|
||||
|
||||
# Remove all attributes from /etc/hosts to allow modifications
|
||||
sudo chattr -i -a /etc/hosts 2>/dev/null || true
|
||||
|
||||
# Copy the hosts file
|
||||
sudo cp hosts /etc/hosts
|
||||
|
||||
# Set restrictive permissions (read-only for owner, no access for group/others)
|
||||
sudo chmod 600 /etc/hosts
|
||||
|
||||
# Make the file immutable (prevents deletion, renaming, and most modifications)
|
||||
sudo chattr +i /etc/hosts
|
||||
|
||||
# Also set append-only attribute as additional protection
|
||||
# Note: This requires removing immutable first, then setting both
|
||||
sudo chattr -i /etc/hosts
|
||||
sudo chattr +a /etc/hosts
|
||||
|
||||
# Flush DNS caches
|
||||
sudo systemd-resolve --flush-caches
|
||||
Loading…
Reference in New Issue
Block a user