Index: scripts/lockdown.sh
===================================================================
diff -u -r0b8105f416aad119a9d58a407dbf84e79fe72aa1 -rccddb9de7bc94036e130e034b1de67dca00e028d
--- scripts/lockdown.sh (.../lockdown.sh) (revision 0b8105f416aad119a9d58a407dbf84e79fe72aa1)
+++ scripts/lockdown.sh (.../lockdown.sh) (revision ccddb9de7bc94036e130e034b1de67dca00e028d)
@@ -195,58 +195,61 @@ chmod -R o-rwx /home/denali chmod u+rx /home/denali/denali - # Give read-only access to denali by making the group owner. - mkdir -p /var/configurations/CloudSync - chown -R cloud.denali /var/configurations/CloudSync - chmod -R g-w,g+r,o-rwx /var/configurations/CloudSync + # ***** denali + # Give read-write access to denali by making it the owner. + mkdir -p /media/sd-card/log + chown -R denali.denali /media/sd-card/log + mkdir -p /media/sd-card/service + chown -R denali.denali /media/sd-card/service + # Give read-only access to cloud by making the group owner. mkdir -p /var/configurations/treatment chown -R denali.cloud /var/configurations/treatment chmod -R g-w,g+r,o-rwx /var/configurations/treatment # Give read-only access to cloud by making the group owner. - mkdir -p /var/configurations/treatment/pending/ + mkdir -p /var/configurations/treatment/pending chown -R denali.cloud /var/configurations/treatment/pending/ chmod -R g-w,g+r,o-rwx /var/configurations/treatment/pending/ + # Give read-only access to Settings/Systems + chown -R denali.denali /var/configurations/Settings + # ***** cloud # Give read-only access to denali by making the group owner. + chown -R cloud.denali /var/configurations/CloudSync + chmod -R g-w,g+r,o-rwx /var/configurations/CloudSync + + # Give read-only access to denali by making the group owner. mkdir -p /media/sd-card/cloudsync chown -R cloud.denali /media/sd-card/cloudsync chmod -R u+rw,g+rw,o-rwx /media/sd-card/cloudsync - # Give read-write access to denali by making it the owner. - mkdir -p /media/sd-card/log - chown -R denali.denali /media/sd-card/log - - mkdir -p /media/sd-card/service - chown -R denali.denali /media/sd-card/service - # Set the immutable attribute for all of the files. chattr -R +i /home/cloud/* chattr -R +i /home/denali/* # Add Denali and Cloud to other user groups as needed. 
usermod -a -G video denali usermod -a -G input denali - usermod -a -G tty denali + usermod -a -G tty denali } function cleanup() { # ----------------------------------------- Remove the setup files post_log_dash " Remove the setup files " - + rm $SETUP_CONF_FILE rm /home/root/setup.sh rm -frd $HOME/.ssh rm -frd /media/sd-card/* - + } function main() { cleanup - + secureDenali secureCloudSync @@ -256,7 +259,7 @@ secureIPTables secureSsh - + } # Running the main function
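Review bot: The CloudSync block moved under `# ***** cloud` keeps `chown -R cloud.denali /var/configurations/CloudSync` and the `chmod`, but drops the `mkdir -p /var/configurations/CloudSync` that the removed block had. On a unit where that directory does not exist yet, both commands fail and the intended ownership and mode are never applied; whether the script then aborts depends on error settings not visible in this hunk. I would keep `mkdir -p /var/configurations/CloudSync` ahead of the chown. The added `chown -R denali.denali /var/configurations/Settings` is commented "Give read-only access to Settings/Systems", yet it makes denali the owner and sets no mode, so nothing here restricts writes or removes other-user access; either follow it with a `chmod -R` in the style of the sibling blocks (for example `chmod -R o-rwx /var/configurations/Settings`, with whatever mode is actually intended) or reword the comment to say denali owns the tree. The enclosing function begins above the hunk, so any earlier setup of these paths is not visible here.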