scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-03 11:58:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
629 Commits 1 Branch 0 Tags
993c66b6d06abd3e0eb7dc51172b5a193d53e03d
Commit Graph

65 Commits

Author SHA1 Message Date
qoijjj
993c66b6d0 chore: fix broken link 2024-02-22 13:24:10 -08:00
qoijjj
36feed3730 fix: remove duplicate line 2024-02-20 22:35:59 -08:00
qoijjj
2984116ec2 chore: disable bluetooth by default 2024-02-20 22:33:15 -08:00
qoijjj
dc9889eeec chore: request compiler argument changes upstream 2024-02-19 19:56:11 -08:00
qoijjj
b1f85b7c76 chore: document secureblue counterpart for vanadium patches and add additional policies 2024-02-18 12:14:36 -08:00
qoijjj
ad9e8262b9 chore: document secureblue counterpart for vanadium patches and add additional policies 2024-02-18 01:11:54 -08:00
trytomakeyouprivate
51ad6742e6 hardening: changed "debugfs" to experimental/breaking 2024-02-15 18:49:22 -08:00
qoijjj
c701e2ae21 chore: add --noexpose_wasm to chromium flags for consistency 
wasm is already disabled by --jitless, this gets rid of the warning.
 2024-02-13 10:51:21 -08:00
qoijjj
05723949f9 fix: move rpm-ostree yafti steps to POSTINSTALL-README 2024-02-01 17:33:58 -08:00
qoijjj
c737472a2d Merge branch 'template' into live 2024-01-27 17:22:45 -08:00
xyny
b16868f401 chore: remove yafti files (#229) 2024-01-27 16:12:51 +00:00
qoijjj
5dc1f9198f improve: only set nvidia power management for nvidia laptop images 2024-01-25 23:00:00 -08:00
qoijjj
c2a437c2ac docs: source link for chrony config 2024-01-25 22:24:00 -08:00
qoijjj
0274a612ef fix: remove unused preload override 2024-01-25 22:14:22 -08:00
qoijjj
6bc46d51d6 improve: switch to drop-ins instead of full overrides 2024-01-25 21:30:47 -08:00
qoijjj
378f32202f improve: cleanup and document kargs 2024-01-25 21:14:53 -08:00
trytomakeyouprivate
1f8f69ab8e docs: fix formatting for chromium readme (#178) 
docs: fix formatting for chromium readme (#178)
 2024-01-25 12:31:43 -08:00
qoijjj
b096439521 improve: separate unstable kargs into a separate just command 2024-01-25 11:45:23 -08:00
qoijjj
0e7f763d61 docs: fix formatting 2024-01-25 11:37:38 -08:00
qoijjj
2f416b62b3 improve: add additional chromium hardening via policy 2024-01-25 11:31:31 -08:00
qoijjj
7f8802bd8d fix: kargs and karg documentation 2024-01-24 21:47:14 -08:00
qoijjj
1ac1165238 improve: remove hardened_malloc-light override for wireplumber after upstream fix 2024-01-23 10:02:39 -08:00
qoijjj
6cbd0280a8 fix: resolved config 2024-01-22 21:54:30 -08:00
qoijjj
06f6aa788d fix: switch to a resolved drop-in 2024-01-22 13:43:25 -08:00
qoijjj
c3f652528f fix: permit wheelless users to upgrade 2024-01-21 11:57:32 -08:00
qoijjj
0f1cd5a973 fix: for server, set setroubleshootd to use hardened_malloc-light 2024-01-18 23:31:34 -08:00
qoijjj
7d63ce5804 fix: firewall config name for server, and file permissions 2024-01-09 17:36:42 -08:00
qoijjj
f99da857c7 improve: various configs and file permissions 2024-01-09 13:14:21 -08:00
qoijjj
d4d4827ad1 switch server images to the ucore base 2024-01-09 11:43:46 -08:00
qoijjj
7c552f85cf use file override instead of script for ssh firewall rule 2024-01-09 01:05:04 -08:00
qoijjj
02274d14eb force sddm to use wayland 2024-01-08 12:08:10 -08:00
qoijjj
c2893cbf16 fix location of server files 2024-01-08 01:37:36 -08:00
qoijjj
e768d4a0f6 fix: coreos images to allow image signing 2024-01-08 01:25:09 -08:00
qoijjj
e85fd07756 cleanup: login.defs file 2024-01-05 10:21:39 -08:00
qoijjj
d19116bd2b Fix cups just command 2024-01-05 00:15:42 -08:00
qoijjj
183b0234c2 Merge branch 'template' into live 2024-01-04 22:33:14 -08:00
xyny
f35d3c2544 fix: add single quotes for paths 2023-12-31 10:39:17 +00:00
xyny
d6806f9327 chore: migrate justfile to import 
https://github.com/ublue-os/config/issues/178
 2023-12-27 10:20:53 +00:00
Sadoon Al-Bader
24caa87dab chromium: Disable VAAPI and enable wayland 2023-12-24 13:59:11 -08:00
qoijjj
38999d4123 Add userns-enabled variant to give the users choice on the tradeoff between userns and non-userns 2023-12-16 13:11:41 -08:00
qoijjj
1cf19d4dbd Add kargs password prompt for yafti 2023-12-13 11:39:20 -08:00
qoijjj
5dd011c078 Disable io_uring, see inline comment for details 2023-12-11 10:49:16 -08:00
qoijjj
822f4f0277 Update ld.so.preload according to #119 
https://github.com/secureblue/secureblue/issues/119
 2023-12-11 09:04:49 -08:00
qoijjj
f24704397a move jitless flag for chromium to the correct location for fedora 2023-12-10 00:47:48 -08:00
qoijjj
bee997577b Add cups back to the image and disable it by default. Include a just command to enable it if the user chooses. 2023-12-10 00:03:13 -08:00
qoijjj
6c13b8293b chronyd hardening 2023-12-09 23:30:23 -08:00
qoijjj
a3ddde977b Hardened chromium config 2023-12-09 23:22:53 -08:00
34n0
3685fa6daa feat: 🔒 harden and enable pam faillock, password encryption & quality suggestions 2023-12-08 13:40:46 -08:00
qoijjj
baf53da8b8 Add sericea images, add separate laptop images for tlp, and refactor 2023-12-07 16:06:50 -08:00
qoijjj
0aa5d6aba7 Only allow sudoless rpm-ostree for upgrades and refreshes 2023-12-05 12:23:47 -08:00