scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-02 19:38:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,116 Commits 1 Branch 0 Tags
e86816d0526d78449bd9775d82f9989b520f441c
Commit Graph

1116 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
qoijjj
3a6ef0ef3f chore: remove libguestfs-xfs from dx images due to fuse dependency 2024-10-03 23:00:11 -07:00
qoijjj
0c3a33b2b1 chore: remove virt-v2v due to fuse dependency 2024-10-03 15:10:48 -07:00
qoijjj
60d0329cbf chore: remove additional package from dx images for fuse removal 2024-10-03 14:49:46 -07:00
qoijjj
3dbbf761a8 docs: add more details to recommended.md 2024-09-30 23:51:38 -07:00
qoijjj
99e1a8f17b docs: formatting improvements 2024-09-30 23:46:02 -07:00
qoijjj
c1a6df74e6 fix: clashing quotes 2024-09-30 13:58:39 -07:00
qoijjj
4a1dd61a31 fix: import brew justfile 2024-09-30 13:07:27 -07:00
qoijjj
eab9aa1894 docs: update FAQ and Sponsor sections 2024-09-30 09:32:53 -07:00
qoijjj
288d6fe236 chore: move rechunked scripts after the files module 2024-09-29 00:31:39 -07:00
qoijjj
989389e8da chore: switch rechunked images to hardened_malloc-light and demote them to experimental 2024-09-29 00:13:44 -07:00
qoijjj
e0554019bb chore: update nvidia postinstall kargs 2024-09-28 21:38:57 -07:00
Rubiginosa
c1ec422eab feat: add check for D-Bus access (#432) 2024-09-28 20:29:13 -07:00
qoijjj
c68039132a fix: add brew justfile due to upstream move 2024-09-20 23:41:28 -07:00
qoijjj
318cb00ce4 docs: improve accuracy of recommended.md 2024-09-18 12:21:44 -07:00
qoijjj
c5e4a253f1 docs: formatting for recommended.md 2024-09-16 14:03:00 -07:00
qoijjj
333cb2a559 chore: remove deprecated server images 2024-09-16 13:40:48 -07:00
graphenelover
32c65bd66e docs: Add source links to RECOMMENDED.md (#427) 
* futher clarify why mv2 won't be enabled

* add link explaining mv3 superior security over mv2

* add space

* Update RECOMMENDED.md

* add missing punctuation.

* changes as requested

* fix wording

* Update RECOMMENDED.md

* remove unnecessary word
 2024-09-15 23:10:22 -07:00
Bruno
66d8b731e6 fix: check for gnome-shell instead of gsettings in one test (#424) 2024-09-11 09:56:52 -07:00
Bruno
99ccbb20ff fix: broken link in readme file (#423) 
* fix: broken link in readme file

* fix: stop checking for GNOME extensions on securecore

* fix: revert undue (last) commit
 2024-09-10 18:52:46 -07:00
Rubiginosa
8333bcf2f5 feat: add check for hardened_malloc flatpak preload (#412) 
* updated has_permission to use regex matching

* added flatpak check for hardened_malloc

* changed hasPermission to maintain old behavior for strings
 2024-09-10 10:33:14 -07:00
qoijjj
8a0e957c8d docs: add additional details 2024-09-03 01:59:08 -07:00
qoijjj
99bc82ccf5 fix: fuse removal only required for non-server images 2024-09-03 01:57:33 -07:00
qoijjj
8a2c5ce0ef docs: formatting fix 2024-08-31 14:37:35 -07:00
qoijjj
86fe2b6ae8 docs: add FAQ about fuse2 and AppImages 2024-08-31 14:36:40 -07:00
Rubiginosa
b5f5d2afa0 feat: refactor flatpak audit for readability and extensibility (#414) 
* refactored flatpak audit to be more extensible

* fixed old typo

* added warning string array for flatpak audit
 2024-08-30 15:28:56 -07:00
Bruno
79471e2141 fix: audit script improvements (GHNS test, order of tests) (#415) 
* only test GHNS if kdeglobals exist

* place faster tests before the slower flatpak audit
 2024-08-30 13:45:15 -07:00
qoijjj
2a3c5fe79e fix: typo in rpm-ostreed.conf 2024-08-29 22:23:12 -07:00
Bruno
e143c48e26 chore: several audit script improvements 2024-08-29 21:01:40 -07:00
Ivo Damjanović
fefc64baba feat: stop overwriting 60-custom.just for better compatibility with upstream bluebuild and downstream user builds (#409) 
* feat: create addjustconfig.sh to include custom commands at buildtime

* fix: 60-custom.just.readme.md to 61-custom.just.readme.md

* fix: Rename 60-custom.just to 61-custom.just

* feat: add just config script to enabled scripts

* fix: rename to 70-secureblue.just

* fix: Rename 61-custom.just.readme.md to 70-secureblue.just.readme.md

* fix: rename to 70-secureblue.just
 2024-08-29 11:53:56 -07:00
qoijjj
8a4606de4a fix: use Kinoite base for cosmic iso generation 2024-08-29 11:13:10 -07:00
qoijjj
b442fccee6 feat: add back Recommends=false to rpm-ostreed.conf 
due to upstream reversion
 2024-08-28 15:22:02 -07:00
qoijjj
d5be94b441 fix: ensure all relevant firstboot files are removed 2024-08-28 15:04:26 -07:00
qoijjj
73ed50b4d4 feat: remove unused binaries from setcaps function 2024-08-27 16:54:28 -07:00
qoijjj
812deea101 chore: remove fuse and passim 
passim is an optional dependency that runs a systemd service, fuse (fuse2) is unmaintained and requires a suid/cap binary
 2024-08-27 16:40:59 -07:00
qoijjj
d63a6b9bff docs: move bluefin from recommended to stable 
Recurring bugs prevent it from being recommendable
 2024-08-26 11:26:28 -07:00
qoijjj
a329524441 fix: justfile typo 2024-08-26 10:44:49 -07:00
qoijjj
e41d963841 feat: multiple securecore improvements 2024-08-26 09:45:20 -07:00
qoijjj
185f539364 fix: securecore build 2024-08-26 00:32:31 -07:00
qoijjj
73c459420b fix: securecore signing 2024-08-25 23:58:33 -07:00
qoijjj
8eb959669a feat: begin server->securecore migration 2024-08-25 23:27:36 -07:00
fine2006
c8e1630d95 fix: minor spelling mistake (#396) 2024-08-25 23:20:40 -07:00
graphenelover
05392582f4 docs: further clarify why mv2 won't be enabled (#395) 
* futher clarify why mv2 won't be enabled

* add link explaining mv3 superior security over mv2

* add space
 2024-08-25 13:10:41 -07:00
qoijjj
967c7551ad feat: sgid reduction (#392) 
* feat: also remove sgid bit

* Update yafti.yml

* Update yafti.yml
 2024-08-23 14:13:22 -07:00
qoijjj
c526c770ba feat: additional setuid reduction and removal of unused packages (#388) 
* feat: additional setuid reduction and removal of unused packages

* leave packages but keep suid removal
 2024-08-23 00:00:54 -07:00
qoijjj
c711b3c398 feat: include brew autoupdate services 2024-08-22 22:38:00 -07:00
qoijjj
1b5e539ec2 fix: audit script cleanup 2024-08-22 12:03:22 -07:00
Rubiginosa
51ad84b1ad feat: Add flatpak auditing to audit-secureblue (#377) 
* increase spacing on print_status

* Merged audit-flatpak into audit-secureblue

* print flatpak remote success

---------

Co-authored-by: qoijjj <129108030+qoijjj@users.noreply.github.com>
 2024-08-21 13:22:11 -07:00
qoijjj
aaf3e4d344 fix: set Recommends=false while waiting for upstream 2024-08-21 13:12:51 -07:00
Ivo Damjanović
826994592a feat: squash the layered images (#386) 
feat: squash reduces the number of custom layers to 1.
 2024-08-21 13:11:44 -07:00
Ivo Damjanović
0e3912c3b6 fix: remove -base from the naming scheme of the cosmic images (#385) 2024-08-21 12:12:56 -07:00