diff --git a/README.md b/README.md index f4e9b8c..da8b4a2 100644 --- a/README.md +++ b/README.md @@ -15,14 +15,11 @@ Please look at the go code, etc... - Boot into some form of Recovery Mode: - Boot into a Linux Live USB disk. - Then mount your hard drive, open the folder to etc, right click and open in new Terminal. - - From the etc folder: change directory to systemd/system, edit execguard@.service - - Remove the %I and replace it with --init so it's in init mode... + - From the etc folder: change directory to systemd/system, Delete multi-user.target.wants/execguard@enforce.service ``` -cd systemd/system/ -sudo nano execguard@.service -ExecStart=/usr/local/bin/execguard --init - -# If, the program still does not work: sudo rm /etc/systemd/system/execguard@.service +pwd +## you should be in /etc/systemd/system/ if not cd into it... +sudo rm multi-user.target.wants/execguard@enforce.service reboot ``` ### About execgaurd --init @@ -66,10 +63,11 @@ cd execgaurd ./install.sh ``` # Running as a Daemon -Kind of Dangerious when in enforce mode!!: +Kind of Dangerious when in enforce mode!! Do a AV scan on your computer, then have all your program run that are safe while in init mode. ``` startExecguard.sh init To Switch to Enforcement more: $ startExecguard.sh enforce +sudo systemctl enable --now execguard@init ``` Reboot, to have all Boot programs, load into learning mode. @@ -102,7 +100,7 @@ If not using apt, change the script to use your package manager. # Once done initializing the System, BEWARE....doing this...: If you have not allowed all the things needed for your system, it will HANG-UP and stop working!!!! ``` -sudo systemctl disable --now execguard@init +sudo systemctl disable execguard@init sudo systemctl execguard@init status sudo systemctl enable --now execguard@enforce diff --git a/execguard@.service b/execguard@.service index 625865a..6715e5b 100644 --- a/execguard@.service +++ b/execguard@.service @@ -1,11 +1,12 @@ [Unit] -Description=Executable Guardian for %I +Description=Executable Guardian for %i After=network.target StartLimitIntervalSec=60 StartLimitBurst=3 [Service] -ExecStart=/usr/local/bin/execguard --%I +Type=simple +ExecStart=/usr/local/bin/execguard --%i Restart=on-failure RestartSec=2 SuccessExitStatus=0 4 diff --git a/install.sh b/install.sh index 8fa1e9e..e0bec00 100755 --- a/install.sh +++ b/install.sh @@ -162,8 +162,7 @@ ${USE_SUPER} /usr/bin/chmod 640 /etc/execguard/config.json if [ ! -f /etc/systemd/system/execguard@.service ]; then /usr/bin/echo "Adding SystemD Serivce file..." - ${USE_SUPER} cp execguard@.service /lib/systemd/system - ${USE_SUPER} ln -s /lib/systemd/system/execguard@.service /etc/systemd/system/ + ${USE_SUPER} cp execguard@.service /etc/systemd/system/ ${USE_SUPER} systemctl daemon-reload fi