Randomize default cron job timings
This commit is contained in:
parent
5a60a8f29d
commit
1c52727b71
|
@ -1057,6 +1057,35 @@ function install_not_on_BBB {
|
|||
echo 'install_not_on_BBB' >> $COMPLETION_FILE
|
||||
}
|
||||
|
||||
function randomize_cron {
|
||||
# The predictable default timing of Debian cron jobs might
|
||||
# be exploitable knowledge. Avoid too much predictability
|
||||
# by randomizing the times when cron jobs run
|
||||
if grep -Fxq "randomize_cron" $COMPLETION_FILE; then
|
||||
return
|
||||
fi
|
||||
|
||||
# randomize the day on which the weekly cron job runs
|
||||
randdow=$(($RANDOM%6+1))
|
||||
sed -i "s/* * 7/* $randdow/g" /etc/crontab
|
||||
|
||||
# randomize the time when the weekly cron job runs
|
||||
randmin=$(($RANDOM%60))
|
||||
randhr=$(($RANDOM%3+1))
|
||||
sed -i "s|47 6|$randmin $randhr|g" /etc/crontab
|
||||
|
||||
# randomize the time when the daily cron job runs
|
||||
randmin=$(($RANDOM%60))
|
||||
randhr=$(($RANDOM%3+4))
|
||||
sed -i "s|25 6\t* * *|$randmin $randhr\t|g" /etc/crontab
|
||||
|
||||
# randomize the time when the hourly cron job runs
|
||||
randmin=$(($RANDOM%60))
|
||||
sed -i "s|17 *\t* * *|$randmin *\t|g" /etc/crontab
|
||||
|
||||
echo 'randomize_cron' >> $COMPLETION_FILE
|
||||
}
|
||||
|
||||
function get_cjdns_public_key {
|
||||
if [ -f /home/$MY_USERNAME/README ]; then
|
||||
if grep -q "cjdns public key" /home/$MY_USERNAME/README; then
|
||||
|
@ -8523,6 +8552,7 @@ change_debian_repos
|
|||
enable_backports
|
||||
configure_dns
|
||||
install_dynamicdns
|
||||
randomize_cron
|
||||
create_freedns_updater
|
||||
initial_setup
|
||||
enforce_good_passwords
|
||||
|
|
Loading…
Reference in New Issue