scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-08 14:23:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
826 Commits 1 Branch 0 Tags
ec4fd2bfe87989e7459c9917cc3effda5146d364
Commit Graph

826 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
qoijjj
ec4fd2bfe8 chore: chromium documentation and flag additions 2024-06-25 17:24:23 -07:00
qoijjj
64426b9a35 fix: create missing directories for usbguard and setroubleshoot 2024-06-25 16:46:55 -07:00
qoijjj
53183dd6e6 chore: adjust build time to reflect upstream schedule change 2024-06-23 20:58:21 -07:00
qoijjj
71f2b3a64b chore: remove redundant sysctl that has no effect on fedora's kernel 2024-06-22 14:51:16 -07:00
qoijjj
408f7d7f51 feat: add build-container-installer signing 2024-06-21 09:14:22 -07:00
qoijjj
2e2725346b chore: remove redundant fb blacklists already blacklisted by fedora 2024-06-19 11:19:49 -07:00
qoijjj
4b21d959e8 feat: add additional filesystems to the blacklist (#292) 2024-06-19 11:05:04 -07:00
qoijjj
8bd6269976 docs: fix typo 2024-06-18 19:21:18 -07:00
qoijjj
7e609dc39e docs: include post-install note about flatpak hardened_malloc instruction set optimizations 2024-06-18 19:11:24 -07:00
qoijjj
cb00ab019e Revert all temporary fixes due to upstream issue 2024-06-18 18:32:29 -07:00
qoijjj
1c13f7a527 fix: sericea temporarily pinned version 2024-06-18 14:04:47 -07:00
qoijjj
828f8ef2cf fix: build fixes resulting from upstream breakage 2024-06-18 13:35:03 -07:00
qoijjj
cf10674a3a fix: pinning last good upstream build 20240616 temporarily, due to upstream breakage 2024-06-18 13:07:27 -07:00
qoijjj
2a3bbc247d fix: temporary build changes due to recent upstream breakage 2024-06-18 12:55:18 -07:00
qoijjj
c6724ec997 fix: temporarily pinning 40-20240617 due to upstream breakage (https://github.com/fedora-silverblue/issue-tracker/issues/543) 2024-06-18 12:42:37 -07:00
Tommy
456cac1804 Blacklist reiserfs (#290) 
No one will fix it anytime soon
 2024-06-18 11:49:11 -07:00
qoijjj
c38d505e24 fix: use sigstore attachments for davincibox 2024-06-17 00:45:12 -07:00
qoijjj
791f8846bb feat: add davincibox container signing policy 2024-06-17 00:12:53 -07:00
Tommy
91b823b195 Use /bin/false everywhere in kernel module blacklist (#288) 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-06-16 20:51:20 -07:00
qoijjj
c254835126 fix: add container signing exception for build-container installer while waiting for upstream fix 2024-06-16 11:22:15 -07:00
friendly-rabbit-35
062237545e fix: remove Chromium policies that are deprecated and not applicable (#286) 
* Remove deprecated and inapplicable Chromium policies

* Remove mentions of deleted Chromium policies from docs
 2024-06-15 23:02:42 -07:00
qoijjj
1d41d846c6 fix: gnome console terminal replacement due to recurring dependency issues 
console can still be used in place of terminal by layering
 2024-06-14 07:44:07 -07:00
qoijjj
fb98c74e4e docs: update based on latest policy 2024-06-11 19:07:55 -07:00
qoijjj
8a74542573 chore: remove policies for whom the default setting requires user consent 
For parity with Vanadium
 2024-06-11 18:02:31 -07:00
qoijjj
8fed632ba8 docs: fix broken link 2024-06-10 22:13:54 -07:00
Tommy
cfe7314af1 Disable fs.binfmt_misc.status (#282) 2024-06-08 18:02:50 -07:00
qoijjj
8589c5742e chore: remove redundant package installed by module already 2024-06-06 09:42:40 -07:00
qoijjj
d747acdfac chore: remove python3-pip as it causes hardlinking issues 
and can be installed by layering
 2024-06-05 23:25:10 -07:00
qoijjj
df2daf1736 chore: drop swappiness sysctl in favor of the default 
Fedora uses zram so this adds no benefit unless the user manually created a swapfile. In that case the user can manually set this if desired.
 2024-06-04 08:53:52 -07:00
qoijjj
b17446c3bb chore: add debugfs=off (working again) back to unstable kargs 2024-06-02 22:01:43 -07:00
qoijjj
3cc114c80a chore: add additional modules to blacklist 2024-06-02 21:43:57 -07:00
qoijjj
c283e2677d chore: document module blacklist and fix typos 2024-06-02 21:36:42 -07:00
qoijjj
6382e93570 docs: add donation link to readme 2024-06-02 16:00:33 -07:00
qoijjj
5c969d40c1 docs: update donation page 2024-06-02 15:58:17 -07:00
qoijjj
6a91fc8a94 docs: add initial DONATE page 2024-06-02 15:40:59 -07:00
qoijjj
f7d7e2e299 fix: flag removal sed command 2024-06-02 14:21:47 -07:00
qoijjj
87ad303f5d chore: fix tabs/spaces 2024-06-02 14:18:12 -07:00
qoijjj
2fcb97e5f7 feat: remove unnecessary flag set upstream 2024-06-02 13:43:35 -07:00
qoijjj
b897d2a87f docs: add details for new chromium flags 2024-06-02 13:38:04 -07:00
qoijjj
44b433ff9d feat: audio and network sandboxes in chromium policies 2024-06-02 13:35:32 -07:00
qoijjj
d473326673 feat: set strict chromium extension content and install verification 2024-06-02 13:25:45 -07:00
qoijjj
fdc05bb33a fix: move chromium script to gui-scripts 2024-06-01 23:13:58 -07:00
qoijjj
cdbc3ab677 fix: typo 2024-06-01 23:09:18 -07:00
qoijjj
f38bf8818a fix: point chromium config script at /etc 2024-06-01 22:37:14 -07:00
qoijjj
3cb9143591 chore: update chromium.conf to reflect upstream fixes 2024-06-01 22:23:35 -07:00
qoijjj
c627d6baa4 fix: remove broken upstream logic in chromium.conf 2024-05-28 12:24:13 -07:00
qoijjj
ddaef7ca3f fix: temporary chromium changes awaiting upstream PRs 2024-05-28 11:35:45 -07:00
qoijjj
d34c8e5892 fix: wrong quotes in script 2024-05-28 11:20:08 -07:00
qoijjj
4ec0bb93b7 feat: move chromium flags to a script to append to upstream 2024-05-28 10:06:24 -07:00
qoijjj
83da62112d docs: minor clarification 2024-05-24 00:24:25 -07:00