From b2ee79a1aea19b220f043f71c77750d0d1bf5e00 Mon Sep 17 00:00:00 2001
From: gbaconni <gbaconni@student.42lausanne.ch>
Date: Wed, 3 Nov 2021 23:08:05 +0100
Subject: [PATCH] 2021-11-03 23:08:05

---
 preseed.cfg | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/preseed.cfg b/preseed.cfg
index 7b672db..29d7d64 100644
--- a/preseed.cfg
+++ b/preseed.cfg
@@ -526,16 +526,17 @@ d-i finish-install/reboot_in_progress note
 d-i preseed/late_command \
         in-target update-alternatives --set editor /usr/bin/vim.basic; \
         in-target sed -i'.orig' -r 's/^#?(Port) .*/\1 4242/; s/^#?(PermitRootLogin) .*/\1 no/;' /etc/ssh/sshd_config; \
-        in-target ufw default deny incoming; \
-        in-target ufw default allow outgoing; \
-        in-target ufw allow proto tcp from any to any port 4242 comment 'Allow SSH'; \
+        in-target systemctl enable ufw; \
+        in-target systemctl start ufw; \
         in-target ufw enable; \
+        in-target ufw allow proto tcp from any to any port 4242; \
+        in-target ufw status; \
         in-target groupadd -f -r sudo; \
         in-target groupadd -f user42; \
         in-target usermod -a -G sudo,user42 gbaconni; \
         in-target sed -i'.orig' -r 's/^#?(PASS_MAX_DAYS).*/\1\t30/; s/^#?(PASS_MIN_DAYS).*/\1\t2/; s/^#?(PASS_WARN_AGE).*/\1\t7/; s/^#?(PASS_MIN_LEN).*/\1\t10/;' /etc/login.defs; \
-		in-target sed -i'.orig' -r 's/^[# ]?(minlen =)/\1 10/; s/^[# ]?([ud]credit =)/\1 -1/; s/^[# ]?(maxrepeat =)/\1 3/; s/^[# ]?(usercheck =)/\1 1/; s/^[# ]?(difok =)/\1 7/;' /etc/security/pwquality.conf; \
+		in-target sed -i'.orig' -r 's/^[# ]*(minlen =)/\1 10/; s/^[# ]*([ud]credit =)/\1 -1/; s/^[# ]*(maxrepeat =)/\1 3/; s/^[# ]*(usercheck =)/\1 1/; s/^[# ]*(difok =)/\1 7/;' /etc/security/pwquality.conf; \
 		in-target mkdir -p /var/log/sudo; \
-		in-target echo -e 'passwd_tries=3\nbadpass_message="I am sorry. I am afraid you cannot do that."\nlog_input\nlog_output\niolog_dir="/var/log/sudo"\nrequiretty\nsecure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"' | sed 's/^/Defaults\t/' > /etc/sudoers.d/sudo; \
+		in-target printf 'passwd_tries=3\nbadpass_message="I am sorry. I am afraid you cannot do that."\nlog_input\nlog_output\niolog_dir="/var/log/sudo"\nrequiretty\nsecure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"\n' | sed 's/^/Defaults\t/' > /etc/sudoers.d/sudo; \
         in-target apt-get clean