scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-04 04:18:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add check for container policy (#471)

Browse Source 
Co-authored-by: qoijjj <129108030+qoijjj@users.noreply.github.com>
This commit is contained in:
Rubiginosa
2024-10-23 16:55:29 -04:00
committed by GitHub
parent e33b73d9d3
commit 3f240dd334
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
files/system/usr/share/ublue-os/just/70-secureblue.just
View File

@@ -444,6 +444,12 @@ audit-secureblue:
print_status "$AUTHSELECT_TEST_STRING" "$STATUS_FAILURE"
fi
CONTAINER_POLICY_TEST_STRING="Ensuring no container policy overrides"
if diff /usr/etc/containers/policy.json /etc/containers/policy.json > /dev/null && [ ! -f $HOME/.config/containers/policy.json ]; then
print_status "$CONTAINER_POLICY_TEST_STRING" "$STATUS_SUCCESS"
else
print_status "$CONTAINER_POLICY_TEST_STRING" "$STATUS_FAILURE"
fi
USBGUARD_TEST_STRING="Ensuring usbguard is active"
if systemctl is-active --quiet usbguard; then