scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-02 11:28:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
555 Commits 1 Branch 0 Tags
06f6aa788de6eb111aa531a50e9cd962819d0a31
Commit Graph

42 Commits

Author SHA1 Message Date
qoijjj
06f6aa788d fix: switch to a resolved drop-in 2024-01-22 13:43:25 -08:00
qoijjj
c3f652528f fix: permit wheelless users to upgrade 2024-01-21 11:57:32 -08:00
qoijjj
0f1cd5a973 fix: for server, set setroubleshootd to use hardened_malloc-light 2024-01-18 23:31:34 -08:00
qoijjj
7d63ce5804 fix: firewall config name for server, and file permissions 2024-01-09 17:36:42 -08:00
qoijjj
f99da857c7 improve: various configs and file permissions 2024-01-09 13:14:21 -08:00
qoijjj
d4d4827ad1 switch server images to the ucore base 2024-01-09 11:43:46 -08:00
qoijjj
7c552f85cf use file override instead of script for ssh firewall rule 2024-01-09 01:05:04 -08:00
qoijjj
02274d14eb force sddm to use wayland 2024-01-08 12:08:10 -08:00
qoijjj
c2893cbf16 fix location of server files 2024-01-08 01:37:36 -08:00
qoijjj
e768d4a0f6 fix: coreos images to allow image signing 2024-01-08 01:25:09 -08:00
qoijjj
e85fd07756 cleanup: login.defs file 2024-01-05 10:21:39 -08:00
qoijjj
d19116bd2b Fix cups just command 2024-01-05 00:15:42 -08:00
qoijjj
183b0234c2 Merge branch 'template' into live 2024-01-04 22:33:14 -08:00
xyny
f35d3c2544 fix: add single quotes for paths 2023-12-31 10:39:17 +00:00
xyny
d6806f9327 chore: migrate justfile to import 
https://github.com/ublue-os/config/issues/178
 2023-12-27 10:20:53 +00:00
Sadoon Al-Bader
24caa87dab chromium: Disable VAAPI and enable wayland 2023-12-24 13:59:11 -08:00
qoijjj
38999d4123 Add userns-enabled variant to give the users choice on the tradeoff between userns and non-userns 2023-12-16 13:11:41 -08:00
qoijjj
1cf19d4dbd Add kargs password prompt for yafti 2023-12-13 11:39:20 -08:00
qoijjj
5dd011c078 Disable io_uring, see inline comment for details 2023-12-11 10:49:16 -08:00
qoijjj
822f4f0277 Update ld.so.preload according to #119 
https://github.com/secureblue/secureblue/issues/119
 2023-12-11 09:04:49 -08:00
qoijjj
f24704397a move jitless flag for chromium to the correct location for fedora 2023-12-10 00:47:48 -08:00
qoijjj
bee997577b Add cups back to the image and disable it by default. Include a just command to enable it if the user chooses. 2023-12-10 00:03:13 -08:00
qoijjj
6c13b8293b chronyd hardening 2023-12-09 23:30:23 -08:00
qoijjj
a3ddde977b Hardened chromium config 2023-12-09 23:22:53 -08:00
34n0
3685fa6daa feat: 🔒 harden and enable pam faillock, password encryption & quality suggestions 2023-12-08 13:40:46 -08:00
qoijjj
baf53da8b8 Add sericea images, add separate laptop images for tlp, and refactor 2023-12-07 16:06:50 -08:00
qoijjj
0aa5d6aba7 Only allow sudoless rpm-ostree for upgrades and refreshes 2023-12-05 12:23:47 -08:00
qoijjj
f559a983f7 Add back yafti and include various new steps, including kernel and flatpak hardening automation 2023-12-05 00:06:49 -08:00
qoijjj
719016a526 Add chrony config to enable NTS. 2023-12-04 22:43:44 -08:00
qoijjj
dadc1ece43 Add warning about removing userns setting 2023-12-04 18:28:27 -08:00
qoijjj
25ac909ef8 Fix wireplumber issue with hardened malloc #92 2023-12-04 16:31:58 -08:00
qoijjj
28cb192d43 Fix upowerd for use without unprivileged usernamespaces 2023-11-30 14:35:35 -08:00
34n0
0b1c932fe8 feat: add per network mac randomization 2023-11-30 13:58:50 -08:00
qoijjj
814c74ecc1 Require sudo for rpm-ostree (#51) 2023-11-26 20:15:17 -08:00
qoijjj
b940ca7cf5 Rename sudoers timeout file (#50) 2023-11-26 19:49:25 -08:00
qoijjj
7d89b54264 Require sudo password every time 2023-11-26 18:46:37 -08:00
qoijjj
cb11fbcaae Rebase secureblue with a new, clean commit history 2023-11-26 16:42:27 -08:00
ArtikusHG
9b3db9c3ac feat: add just syntax checker (#194) 
* feat: add just syntax checker

* fix: create empty file to pass just syntax check

* fix: use relative path to pass just syntax check

* fix: justfiles cannot be empty to pass the syntax check

* fix: format justfiles

* docs: 100-bling.just explain purpose

---------

Co-authored-by: xyny <60004820+xynydev@users.noreply.github.com>
 2023-11-22 15:26:27 +00:00
xynydev
9f728a120b fix: accommodate new justfile organization 2023-09-25 18:12:56 +03:00
IverCoder
e8ce354dcc feat(yafti): add GNOME Web to the Web Browsers section (#161) 2023-09-23 21:30:21 +00:00
IverCoder
4d40e5444a feat!(yafti): use newest GNOME Camera and Image Viewer (#160) 2023-09-23 13:21:40 +00:00
gerblesh
cc90a91733 feat: added systemd and files module (#142) 
* feat: add files and systemd module

* fix: yaml formatting

* fix: yaml formatting

* fix: remove comment completely

* fix: yaml formatting

* docs: add back inline comment

* reformat: rename variables

* fix: fix systemd escaped string

* fix: fix systemd service formatting with printf

* fix: attempting to fix systemd module problems

* chore: remove debug config and code from systemd module

* docs: added WIP docs for systemd, reworked files README

* docs: added more detail for systemd module

* docs: update READMEs to be more consistent

* docs: remove unneeded sentence

* docs: remove unneeded sentence

* chore: fix issues described in PR review

* docs: fix markdown formatting

* docs: fix markdown formatting

* docs: better markdown
 2023-09-05 15:56:42 +00:00