scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-03 20:07:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,026 Commits 1 Branch 0 Tags
e52f01300753062b6af3d8cb74be0c13d263b84c
Commit Graph

32 Commits

Author SHA1 Message Date
qoijjj
e52f013007 fix: include missing script in gui-scripts 2024-10-05 00:51:04 -07:00
qoijjj
ef31725665 fix: disable nfs daemons instead of removing packages due to postuninstall bug in nfs-utils 2024-10-05 00:09:53 -07:00
qoijjj
7d8c9dcf98 feat: disable auxiliary services by default 2024-10-04 23:50:14 -07:00
qoijjj
24a005ce99 chore: disable avahi-daemon by default 2024-10-04 23:07:27 -07:00
qoijjj
c1a6df74e6 fix: clashing quotes 2024-09-30 13:58:39 -07:00
qoijjj
4a1dd61a31 fix: import brew justfile 2024-09-30 13:07:27 -07:00
qoijjj
989389e8da chore: switch rechunked images to hardened_malloc-light and demote them to experimental 2024-09-29 00:13:44 -07:00
qoijjj
c68039132a fix: add brew justfile due to upstream move 2024-09-20 23:41:28 -07:00
Ivo Damjanović
fefc64baba feat: stop overwriting 60-custom.just for better compatibility with upstream bluebuild and downstream user builds (#409) 
* feat: create addjustconfig.sh to include custom commands at buildtime

* fix: 60-custom.just.readme.md to 61-custom.just.readme.md

* fix: Rename 60-custom.just to 61-custom.just

* feat: add just config script to enabled scripts

* fix: rename to 70-secureblue.just

* fix: Rename 61-custom.just.readme.md to 70-secureblue.just.readme.md

* fix: rename to 70-secureblue.just
 2024-08-29 11:53:56 -07:00
qoijjj
d5be94b441 fix: ensure all relevant firstboot files are removed 2024-08-28 15:04:26 -07:00
qoijjj
185f539364 fix: securecore build 2024-08-26 00:32:31 -07:00
qoijjj
967c7551ad feat: sgid reduction (#392) 
* feat: also remove sgid bit

* Update yafti.yml

* Update yafti.yml
 2024-08-23 14:13:22 -07:00
qoijjj
c526c770ba feat: additional setuid reduction and removal of unused packages (#388) 
* feat: additional setuid reduction and removal of unused packages

* leave packages but keep suid removal
 2024-08-23 00:00:54 -07:00
qoijjj
c711b3c398 feat: include brew autoupdate services 2024-08-22 22:38:00 -07:00
qoijjj
8c9d2e341c chore: remove patch merged upstream 2024-08-20 11:33:20 -07:00
qoijjj
9d929fb087 chore: adjust patch in response to upstream changes 2024-08-19 15:20:41 -07:00
qoijjj
5d4d755b96 chore: remove unusable toggle-nvk just command 2024-08-18 22:04:23 -07:00
qoijjj
4c04c11b90 fix: typo in justfile script 2024-08-18 20:21:41 -07:00
qoijjj
357ce2934e feat: add tpm2 unlock improvements 2024-08-18 20:00:33 -07:00
qoijjj
78198f4e5a feat: patch brew installation just command to not require wheel 2024-08-18 18:35:56 -07:00
Ivo Damjanović
94eca70c71 fix: container policy hardening script for cosmic images (#367) 2024-08-10 20:54:31 -07:00
qoijjj
0104d6a697 fix: revert container policy hardening migration to /etc until upstream migrates 2024-08-08 17:28:44 -07:00
qoijjj
3fb96ece10 chore: move /usr/etc to /etc per upstream rpm-ostree recommendation 2024-08-08 15:48:30 -07:00
qoijjj
78b531846d chore: fix build by isolating silverblue-only package 2024-08-06 10:39:05 -07:00
qoijjj
2318f83a9a chore: ensure package consistency across images 2024-08-06 10:01:13 -07:00
qoijjj
b31aff0994 fix: prevent bluefin yafti from starting 2024-07-30 00:22:30 -07:00
qoijjj
abcdd4e3ac chore: remove chsh 2024-07-28 21:39:58 -07:00
qoijjj
45c9506980 feat: switch to hardened-chromium (#343) 
* fix: selinux policy for chrome suid sandbox

* feat: switch to hardened-chromium
 2024-07-28 21:12:45 -07:00
qoijjj
c16debbdd4 Revert "feat: switch to hardened-chromium (#332)" 
This reverts commit 721ad757b5.
 2024-07-25 00:15:25 -07:00
qoijjj
721ad757b5 feat: switch to hardened-chromium (#332) 2024-07-24 23:35:23 -07:00
qoijjj
23fde33ad6 feat: disable geoclue by default 2024-07-22 17:38:27 -07:00
qoijjj
0c1551df09 chore: bump dependencies and migrate to bluebuild 1.6 2024-07-21 14:33:53 -07:00