scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-06 05:17:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 0410a65af6 docs: adjust headers qoijjj 2024-07-23 06:25:18 -07:00
  • a60f535a34 docs: fix unclosed <sup> qoijjj 2024-07-22 18:29:59 -07:00
  • c9560fb0e1 docs: more consise headers qoijjj 2024-07-22 18:29:15 -07:00
  • b9f7eecaf3 docs: reorganize and add recommended section qoijjj 2024-07-22 18:28:23 -07:00
  • 23fde33ad6 feat: disable geoclue by default qoijjj 2024-07-22 17:38:27 -07:00
  • 5fe5ccc67d fix: whitespace issue qoijjj 2024-07-21 14:43:17 -07:00
  • 3187065cbf chore: add back executable bit where needed qoijjj 2024-07-21 14:35:26 -07:00
  • 0c1551df09 chore: bump dependencies and migrate to bluebuild 1.6 qoijjj 2024-07-21 14:33:53 -07:00
  • cee19df852 Have yafti run ujust harden-flatpak instead of duplicating its code (#323) spaceoden 2024-07-20 21:35:34 -08:00
  • 3f267251d9 fix: unpin images now that upstream is fixed qoijjj 2024-07-20 21:56:06 -07:00
  • e536efadc7 Update 60-custom.just.readme.md to identify command inclusion (#320) spaceoden 2024-07-19 10:32:45 -08:00
  • 34759e24d2 fix: wayblue image tag qoijjj 2024-07-19 01:44:52 -07:00
  • 5254dfc744 fix: use correct tag qoijjj 2024-07-19 01:24:45 -07:00
  • b877fd5d6a fix: temporarily set known good image due to upstream issue qoijjj 2024-07-19 01:10:15 -07:00
  • 9fffc9460d fix: remove setroubleshoot gui from server images qoijjj 2024-07-18 23:21:57 -07:00
  • 9102caf67e docs: clarify readme qoijjj 2024-07-17 17:40:45 -07:00
  • 6bf739f930 docs: fix typo qoijjj 2024-07-14 23:29:07 -07:00
  • 35d44f87a8 docs: formatting qoijjj 2024-07-14 23:28:30 -07:00
  • c35691a091 docs: clarify scope (#319) qoijjj 2024-07-14 23:27:18 -07:00
  • a3701c7e4f Update chrony.conf (#317) Tommy 2024-07-11 20:21:23 -07:00
  • 8e14992100 Consistency Fix (#316) Tommy 2024-07-11 20:04:39 -07:00
  • f38a520295 Cleaner syntax for disabling ICMP Redirect (#314) Tommy 2024-07-11 11:43:18 -07:00
  • 081a2d2978 fix: disable automatic PR builds qoijjj 2024-07-11 10:43:33 -07:00
  • ffc88b6c9b Disable SSH Stream Local Forwarding & Lowering Config Priority (#312) Tommy 2024-07-11 10:39:29 -07:00
  • df4a19f280 fix: use JIT cli setting instead of policy setting (see https://github.com/secureblue/secureblue/issues/304) qoijjj 2024-07-10 09:51:53 -07:00
  • f9784d83d7 chore: switch server images to fcos-testing due to stable lagging on patches qoijjj 2024-07-05 22:38:30 -07:00
  • 79e30ea6d2 docs: add zfs images to readme qoijjj 2024-07-02 13:42:35 -07:00
  • eec977755b feat: add server images with zfs built-in qoijjj 2024-07-02 13:42:04 -07:00
  • a25075facc feat: update chromium configuration qoijjj 2024-07-01 23:45:00 -07:00
  • 9c7630cc79 Improve ALSR effectiveness for mmap (#307) Tommy 2024-07-01 18:39:35 -07:00
  • 667dd4acea chore: ensure /etc/usbguard directory is readable qoijjj 2024-07-01 18:02:20 -07:00
  • 7f090137dc io_uring typo fix (#306) Tommy 2024-07-01 17:45:02 -07:00
  • 237f6235e1 chore: ensure usbguard-notifier is present qoijjj 2024-07-01 16:55:26 -07:00
  • 018608bcb0 chore: update MOTD text qoijjj 2024-07-01 12:41:32 -07:00
  • f9c3e15b3f fix: colord issue on no-userns images qoijjj 2024-07-01 11:18:05 -07:00
  • 8f2a9b16cc chore: add usbguard-notifier to usbguard setup ujust command qoijjj 2024-06-30 12:16:04 -07:00
  • bebb18c06c fix: set executable flag on caps script qoijjj 2024-06-29 23:42:19 -07:00
  • bc325cca6d feat: replace SUID root with capabilities where possible (#303) qoijjj 2024-06-29 10:34:06 -07:00
  • f6d8037b26 fix: temp fix bug due to upstream chromium flag change qoijjj 2024-06-29 10:32:53 -07:00
  • 9f92777c95 feat: add anticheat toggle to justfile qoijjj 2024-06-27 23:51:50 -07:00
  • 6180c4f4c8 docs: update steam FAQ qoijjj 2024-06-27 23:27:49 -07:00
  • 2f856069ee docs: add usbguard setup step to postinstall instructions qoijjj 2024-06-26 08:48:32 -07:00
  • 27db2dbfa7 fix: usbguard ujust command qoijjj 2024-06-25 19:38:16 -07:00
  • 99ff4757ec feat: add usbguard and yafti ujust commands qoijjj 2024-06-25 17:47:45 -07:00
  • 4df6e03846 fix: build error caused by missing script parameter qoijjj 2024-06-25 17:32:45 -07:00
  • ec4fd2bfe8 chore: chromium documentation and flag additions qoijjj 2024-06-25 17:24:23 -07:00
  • 64426b9a35 fix: create missing directories for usbguard and setroubleshoot qoijjj 2024-06-25 16:46:55 -07:00
  • 53183dd6e6 chore: adjust build time to reflect upstream schedule change qoijjj 2024-06-23 20:58:21 -07:00
  • 71f2b3a64b chore: remove redundant sysctl that has no effect on fedora's kernel qoijjj 2024-06-22 14:51:16 -07:00
  • 408f7d7f51 feat: add build-container-installer signing qoijjj 2024-06-21 09:14:22 -07:00
  • 2e2725346b chore: remove redundant fb blacklists already blacklisted by fedora qoijjj 2024-06-19 11:19:49 -07:00
  • 4b21d959e8 feat: add additional filesystems to the blacklist (#292) qoijjj 2024-06-19 11:05:04 -07:00
  • 8bd6269976 docs: fix typo qoijjj 2024-06-18 19:21:18 -07:00
  • 7e609dc39e docs: include post-install note about flatpak hardened_malloc instruction set optimizations qoijjj 2024-06-18 19:11:24 -07:00
  • cb00ab019e Revert all temporary fixes due to upstream issue qoijjj 2024-06-18 18:32:29 -07:00
  • 1c13f7a527 fix: sericea temporarily pinned version qoijjj 2024-06-18 14:04:47 -07:00
  • 828f8ef2cf fix: build fixes resulting from upstream breakage qoijjj 2024-06-18 13:35:03 -07:00
  • cf10674a3a fix: pinning last good upstream build 20240616 temporarily, due to upstream breakage qoijjj 2024-06-18 13:07:27 -07:00
  • 2a3bbc247d fix: temporary build changes due to recent upstream breakage qoijjj 2024-06-18 12:55:18 -07:00
  • c6724ec997 fix: temporarily pinning 40-20240617 due to upstream breakage (https://github.com/fedora-silverblue/issue-tracker/issues/543) qoijjj 2024-06-18 12:42:37 -07:00
  • 456cac1804 Blacklist reiserfs (#290) Tommy 2024-06-18 11:49:11 -07:00
  • c38d505e24 fix: use sigstore attachments for davincibox qoijjj 2024-06-17 00:45:12 -07:00
  • 791f8846bb feat: add davincibox container signing policy qoijjj 2024-06-17 00:12:53 -07:00
  • 91b823b195 Use /bin/false everywhere in kernel module blacklist (#288) Tommy 2024-06-16 20:51:20 -07:00
  • c254835126 fix: add container signing exception for build-container installer while waiting for upstream fix qoijjj 2024-06-16 11:22:15 -07:00
  • 062237545e fix: remove Chromium policies that are deprecated and not applicable (#286) friendly-rabbit-35 2024-06-15 23:02:42 -07:00
  • 1d41d846c6 fix: gnome console terminal replacement due to recurring dependency issues qoijjj 2024-06-14 07:44:07 -07:00
  • fb98c74e4e docs: update based on latest policy qoijjj 2024-06-11 19:07:55 -07:00
  • 8a74542573 chore: remove policies for whom the default setting requires user consent qoijjj 2024-06-11 18:02:31 -07:00
  • 8fed632ba8 docs: fix broken link qoijjj 2024-06-10 22:13:54 -07:00
  • cfe7314af1 Disable fs.binfmt_misc.status (#282) Tommy 2024-06-08 18:02:50 -07:00
  • 8589c5742e chore: remove redundant package installed by module already qoijjj 2024-06-06 09:42:40 -07:00
  • d747acdfac chore: remove python3-pip as it causes hardlinking issues qoijjj 2024-06-05 23:25:10 -07:00
  • df2daf1736 chore: drop swappiness sysctl in favor of the default qoijjj 2024-06-04 08:53:52 -07:00
  • b17446c3bb chore: add debugfs=off (working again) back to unstable kargs qoijjj 2024-06-02 22:01:43 -07:00
  • 3cc114c80a chore: add additional modules to blacklist qoijjj 2024-06-02 21:43:57 -07:00
  • c283e2677d chore: document module blacklist and fix typos qoijjj 2024-06-02 21:36:42 -07:00
  • 6382e93570 docs: add donation link to readme qoijjj 2024-06-02 16:00:33 -07:00
  • 5c969d40c1 docs: update donation page qoijjj 2024-06-02 15:58:17 -07:00
  • 6a91fc8a94 docs: add initial DONATE page qoijjj 2024-06-02 15:40:59 -07:00
  • f7d7e2e299 fix: flag removal sed command qoijjj 2024-06-02 14:21:47 -07:00
  • 87ad303f5d chore: fix tabs/spaces qoijjj 2024-06-02 14:18:12 -07:00
  • 2fcb97e5f7 feat: remove unnecessary flag set upstream qoijjj 2024-06-02 13:43:35 -07:00
  • b897d2a87f docs: add details for new chromium flags qoijjj 2024-06-02 13:38:04 -07:00
  • 44b433ff9d feat: audio and network sandboxes in chromium policies qoijjj 2024-06-02 13:35:32 -07:00
  • d473326673 feat: set strict chromium extension content and install verification qoijjj 2024-06-02 13:25:45 -07:00
  • fdc05bb33a fix: move chromium script to gui-scripts qoijjj 2024-06-01 23:13:58 -07:00
  • cdbc3ab677 fix: typo qoijjj 2024-06-01 23:09:18 -07:00
  • f38bf8818a fix: point chromium config script at /etc qoijjj 2024-06-01 22:37:14 -07:00
  • 3cb9143591 chore: update chromium.conf to reflect upstream fixes qoijjj 2024-06-01 22:23:35 -07:00
  • c627d6baa4 fix: remove broken upstream logic in chromium.conf qoijjj 2024-05-28 12:24:13 -07:00
  • ddaef7ca3f fix: temporary chromium changes awaiting upstream PRs qoijjj 2024-05-28 11:35:45 -07:00
  • d34c8e5892 fix: wrong quotes in script qoijjj 2024-05-28 11:20:08 -07:00
  • 4ec0bb93b7 feat: move chromium flags to a script to append to upstream qoijjj 2024-05-28 10:06:24 -07:00
  • 83da62112d docs: minor clarification qoijjj 2024-05-24 00:24:25 -07:00
  • 3b40dc0b41 feat: disable all vscode telem by default for dx images qoijjj 2024-05-23 12:56:18 -07:00
  • fcad88df91 docs: update vanadium comparison qoijjj 2024-05-22 23:05:45 -07:00
  • d3f6ae206e feat: set distrobox/toolbox to default to signed images (#280) qoijjj 2024-05-18 15:08:52 -07:00
  • 51327c6599 chore: use common registry config file name qoijjj 2024-05-16 21:11:34 -07:00
  • b9baa5a978 chore: set maximize_build_space to true qoijjj 2024-05-16 16:07:52 -07:00