secureblue

mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-05 12:57:45 +00:00

Author	SHA1	Message	Date
qoijjj	656bf9b5e2	feat: disable chromium internal pdf viewer	2024-04-19 16:22:38 -07:00
qoijjj	a86a3b7a02	feat: add additional chromium hardening based on vanadium	2024-04-17 22:53:33 -07:00
qoijjj	23020bab4e	docs: update vanadium comparison readme	2024-04-17 22:28:05 -07:00
qoijjj	3c546eb01b	docs: minor justfile messaging changes	2024-04-17 10:13:09 -07:00
Cheng Zhang	1cfb2b30d8	feat: just commands to override modprobe blacklist (#260 )	2024-04-17 10:11:12 -07:00
qoijjj	9f6aa640d4	feat: add just command to remove all hardening kargs	2024-04-06 17:08:00 -07:00
qoijjj	27f9c86430	docs: fix typo in kargs readme	2024-03-31 00:35:46 -07:00
qoijjj	e1f6b5ba9f	feat: add additional chromium policy hardening and drop chkrootkit as its false positives make it low-utility	2024-03-31 06:32:39 +00:00
qoijjj	55a54742d6	fix: disable compression for sshd for server variants	2024-03-29 19:05:31 +00:00
qoijjj	d3f2ba5d2e	docs: fix broken links to the fedora chromium spec	2024-03-28 17:43:15 +00:00
qoijjj	8712beeb44	docs: add additional chromium documentation and fix existing documentation	2024-03-28 17:39:04 +00:00
qoijjj	f228f4e689	fix: motd script spacing	2024-03-24 22:53:19 -07:00
qoijjj	f1bacc015a	feat: add image tag warning to advise users not to use specific tags	2024-03-24 21:56:06 -07:00
qoijjj	67e114ce4b	fix: sudo timeout to 1min instead of 0min	2024-03-22 13:30:15 -07:00
qoijjj	cb67ab87f6	feat: disable ghns by default	2024-03-21 19:50:36 -07:00
qoijjj	f7856e7098	Revert "feat: add image tag warning to advise users not to use specific tags" This reverts commit `3dc08c057c`.	2024-03-21 14:12:24 -07:00
qoijjj	3dc08c057c	feat: add image tag warning to advise users not to use specific tags	2024-03-21 12:39:32 -07:00
qoijjj	6d4884e3ad	fix: just: remove broken karg entirely and remove just commands that were merged upstream	2024-03-21 12:34:09 -07:00
qoijjj	e53449e86e	docs: fix broken markdown table	2024-03-20 17:47:03 -07:00
qoijjj	476252c130	chore: additional chromium improvements	2024-03-18 19:49:58 -07:00
qoijjj	b9f4abc3b8	feat: add chromium VAAPI flags	2024-03-18 19:11:41 -07:00
qoijjj	6732e2caa8	chore: remove unnecessary quotes	2024-03-18 18:46:03 -07:00
qoijjj	09032c19b0	docs: pull in new patch details from Vanadium	2024-03-18 15:53:20 -07:00
qoijjj	be9f5a54d4	docs: readability improvements	2024-03-18 15:01:22 -07:00
qoijjj	e53fac6fec	feat: additional chromium hardening	2024-03-18 14:54:17 -07:00
fiftydinar	efba15919d	fix: Assure that "disabling CoreDump tweak" is applied correctly (#241 ) * fix: Assure that "disabling CoreDump tweak" is applied correctly Since Fedora uses systemd, we need to make this change too, else it won't be applied throughout the system, but only in SSH/TTY sessions. Bluefin had the same issue with open-file limits tweak here: https://github.com/ublue-os/bluefin/pull/988 I usually put those config overrides to `/usr/lib`, but I will put them in `/usr/etc` to comply with the project's structure. As far as I look, this is the only tweak which needs this systemd conf change. * fix: Assure that "disabling CoreDump tweak" is applied correctly Since Fedora uses systemd, we need to make this change too, else it won't be applied throughout the system, but only in SSH/TTY sessions. Bluefin had the same issue with open-file limits tweak here: https://github.com/ublue-os/bluefin/pull/988 I usually put those config overrides to `/usr/lib`, but I will put them in `/usr/etc` to comply with the project's structure. As far as I look, this is the only tweak which needs this systemd conf change. Signed-off-by: fiftydinar <65243233+fiftydinar@users.noreply.github.com> --------- Signed-off-by: fiftydinar <65243233+fiftydinar@users.noreply.github.com>	2024-03-15 12:36:20 -07:00
qoijjj	9d19d8a9f3	feat: set yaml files as detectable by github	2024-03-13 13:27:40 -07:00
qoijjj	1ce6b06828	feat: justfile improvements	2024-03-13 12:58:31 -07:00
qoijjj	83ad8d1377	improve: move upower workaround to scripts	2024-03-13 12:48:58 -07:00
qoijjj	718a53b7f6	docs: formatting improvements	2024-03-11 16:32:13 -07:00
qoijjj	ce5f3a41e3	fix: justfile name collision with upstream	2024-03-11 16:30:19 -07:00
qoijjj	c9fc2a1401	fix: deprecated-images.json location	2024-03-11 15:24:00 -07:00
qoijjj	efb19a6605	chore: deprecate images that are no longer needed	2024-03-11 14:41:40 -07:00
qoijjj	a15fe0bc1c	docs: fix link to JIT setting	2024-03-10 00:31:03 -08:00
qoijjj	c40ebeec72	feat: additional justfile improvements	2024-03-10 00:02:37 -08:00
qoijjj	195d2e90ff	feat: various justfile improvements	2024-03-09 17:38:53 -08:00
qoijjj	0c9ffd0ee0	fix: made motd script +x	2024-03-07 17:01:16 -08:00
qoijjj	731282e84d	chore: various motd improvements	2024-03-07 16:26:48 -08:00
qoijjj	f4104d4156	feat: add MOTD	2024-03-07 15:13:19 -08:00
qoijjj	7c6a453a83	chore: improve clarity of flathub modification step in yafti	2024-03-06 10:55:31 -08:00
qoijjj	e485ec92eb	fix: revert one of the previous changes as it has no change from the default	2024-03-04 11:45:23 -08:00
qoijjj	073c40b456	improve: add additional chromium hardening policies	2024-03-04 10:14:54 -08:00
qoijjj	932a68d334	docs: additional update to reflect new upstream patches	2024-02-27 17:21:18 -08:00
qoijjj	d4b973a8ce	docs: update to reflect additional chromium patches	2024-02-27 17:16:24 -08:00
qoijjj	e34d5d7a0d	chore: remove unused files from migration	2024-02-26 10:25:48 -08:00
qoijjj	00d9871e70	chore: update chromium switches to match upstream JIT changes	2024-02-22 22:39:11 -08:00
qoijjj	993c66b6d0	chore: fix broken link	2024-02-22 13:24:10 -08:00
qoijjj	36feed3730	fix: remove duplicate line	2024-02-20 22:35:59 -08:00
qoijjj	2984116ec2	chore: disable bluetooth by default	2024-02-20 22:33:15 -08:00
qoijjj	dc9889eeec	chore: request compiler argument changes upstream	2024-02-19 19:56:11 -08:00

1 2 3

111 Commits