scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-07 22:03:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
826 Commits 1 Branch 0 Tags
ec4fd2bfe87989e7459c9917cc3effda5146d364
Commit Graph

72 Commits

Author SHA1 Message Date
qoijjj
ec4fd2bfe8 chore: chromium documentation and flag additions 2024-06-25 17:24:23 -07:00
qoijjj
64426b9a35 fix: create missing directories for usbguard and setroubleshoot 2024-06-25 16:46:55 -07:00
qoijjj
71f2b3a64b chore: remove redundant sysctl that has no effect on fedora's kernel 2024-06-22 14:51:16 -07:00
qoijjj
408f7d7f51 feat: add build-container-installer signing 2024-06-21 09:14:22 -07:00
qoijjj
791f8846bb feat: add davincibox container signing policy 2024-06-17 00:12:53 -07:00
qoijjj
c254835126 fix: add container signing exception for build-container installer while waiting for upstream fix 2024-06-16 11:22:15 -07:00
qoijjj
f7d7e2e299 fix: flag removal sed command 2024-06-02 14:21:47 -07:00
qoijjj
2fcb97e5f7 feat: remove unnecessary flag set upstream 2024-06-02 13:43:35 -07:00
qoijjj
d473326673 feat: set strict chromium extension content and install verification 2024-06-02 13:25:45 -07:00
qoijjj
cdbc3ab677 fix: typo 2024-06-01 23:09:18 -07:00
qoijjj
f38bf8818a fix: point chromium config script at /etc 2024-06-01 22:37:14 -07:00
qoijjj
3cb9143591 chore: update chromium.conf to reflect upstream fixes 2024-06-01 22:23:35 -07:00
qoijjj
c627d6baa4 fix: remove broken upstream logic in chromium.conf 2024-05-28 12:24:13 -07:00
qoijjj
ddaef7ca3f fix: temporary chromium changes awaiting upstream PRs 2024-05-28 11:35:45 -07:00
qoijjj
d34c8e5892 fix: wrong quotes in script 2024-05-28 11:20:08 -07:00
qoijjj
4ec0bb93b7 feat: move chromium flags to a script to append to upstream 2024-05-28 10:06:24 -07:00
qoijjj
3b40dc0b41 feat: disable all vscode telem by default for dx images 2024-05-23 12:56:18 -07:00
qoijjj
c4b73ca409 feat: add back container policy hardening 2024-05-16 13:18:12 -07:00
qoijjj
459acc2fb5 fix: use separate signing module for shared cosign pubkey across secu… (#279) 
* fix: use separate signing module for shared cosign pubkey across secureblue images

* fix: use secureblue-signing

* fix script

* fix script (again)
 2024-05-16 12:11:02 -07:00
qoijjj
f673ae01f3 fix: reference repos in /etc instead of /usr/etc 2024-05-14 15:57:11 -07:00
qoijjj
76db56ccc1 fix: mirror script 2024-05-14 15:51:09 -07:00
qoijjj
3b9ae540ac feat: always use https mirrors for layering 2024-05-14 15:30:17 -07:00
qoijjj
d3169a1132 feat: harden container policy.json 2024-05-14 13:29:34 -07:00
qoijjj
9d6b7c60ff feat: opt out of homebrew analytics by default 2024-05-13 17:23:29 -07:00
qoijjj
cdbe5e9719 fix: include wget script 2024-05-09 19:44:52 -07:00
qoijjj
f3ec42e58e feat: add necessary init script, then add additional selinux tooling with alerts disabled by default 2024-04-07 20:37:23 -07:00
qoijjj
3be6988aa4 revert: feat: add additional selinux tooling, until bluebuild supports this package 2024-04-06 19:38:33 -07:00
qoijjj
b8db54dd62 feat: add additional selinux tooling 2024-04-06 13:45:03 -07:00
qoijjj
29eee4b804 fix: create parent dirs for upower on server images 2024-03-13 13:39:21 -07:00
qoijjj
83ad8d1377 improve: move upower workaround to scripts 2024-03-13 12:48:58 -07:00
qoijjj
6686d9ecc9 chore: remove deprecated images 2024-03-11 18:04:13 -07:00
qoijjj
67180c5a02 fix: update addchromiumdesktopfile.sh to reflect upstream changes 2024-03-07 22:08:39 -08:00
qoijjj
e34d5d7a0d chore: remove unused files from migration 2024-02-26 10:25:48 -08:00
qoijjj
1568df0fad fix: use improved workaround for nvidia optimus on gnome 2024-02-15 19:46:21 -08:00
qoijjj
5dc1f9198f improve: only set nvidia power management for nvidia laptop images 2024-01-25 23:00:00 -08:00
qoijjj
2a68fafeb3 fix: build for server images 2024-01-25 22:05:16 -08:00
qoijjj
06f6aa788d fix: switch to a resolved drop-in 2024-01-22 13:43:25 -08:00
qoijjj
a374ce5ae9 feat: opportunistic DNSSEC and DNSOverTLS 2024-01-22 13:10:21 -08:00
qoijjj
af121aa652 feat: cinnamon images with wayland session, improvements for nvidia optimus laptops 2024-01-21 16:02:25 -08:00
qoijjj
eaffb60cb5 fix: build failure 2024-01-09 18:13:08 -08:00
qoijjj
7d63ce5804 fix: firewall config name for server, and file permissions 2024-01-09 17:36:42 -08:00
qoijjj
f99da857c7 improve: various configs and file permissions 2024-01-09 13:14:21 -08:00
qoijjj
7c552f85cf use file override instead of script for ssh firewall rule 2024-01-09 01:05:04 -08:00
qoijjj
192d3bb6f7 enable ssh for server variants 2024-01-09 00:47:59 -08:00
qoijjj
e768d4a0f6 fix: coreos images to allow image signing 2024-01-08 01:25:09 -08:00
qoijjj
e511f85c6b fix: dirname in script 2024-01-08 00:54:56 -08:00
qoijjj
38ff34f90a cleanup server packages 2024-01-08 00:33:00 -08:00
qoijjj
65906a2c5d ensure policy.json exists 2024-01-08 00:06:03 -08:00
qoijjj
88d39b3c17 for create containers dir 2024-01-07 23:51:35 -08:00
qoijjj
b2cd52d28e include wget for server images 2024-01-06 20:04:09 -08:00