Ben Grande
97c644a09c
fix: invert builder memory and vcpus
2024-01-20 19:51:45 +01:00
Ben Grande
422b01e0f6
feat: remove audiovm setting when unnecessary
...
Decrease audio attack surface to qubes that will never need to use it.
2024-01-20 19:34:39 +01:00
Ben Grande
0887c24a19
fix: remove unicode from used files
...
No considering license, copyright notices kept outside of the installed
directories, but excluding keys that have unicode in their comment
section.
2024-01-18 15:23:52 +01:00
Ben Grande
f5894dc6fc
doc: cleaner usage sections for qubes-builder
2024-01-08 20:08:54 +01:00
Ben Grande
42a93093dd
fix: rpc service copy to dvm
...
Upstream-commit: 7c37bb7bd65ad3a183790ad07344729504bc0930
2024-01-07 20:20:54 +01:00
Ben Grande
a17f9f5250
feat: unattended qubes-builder build
...
Split-gpg2 allows to isolate GPG home directories. In the future,
enforcing this setting via drop-in configuration would be safer, depends
on https://github.com/QubesOS/qubes-issues/issues/8792 .
2024-01-05 17:24:14 +01:00
Ben Grande
c1094046ee
fix: add user to mock group
2024-01-05 11:07:27 +01:00
Ben Grande
6bb426a057
refactor: import armored gpg keys instead of db
2024-01-03 21:40:05 +01:00
Ben Grande
0eecbcffc4
fix: unconfined qfile-unpacker
...
Upstream-commit: 0648b2329f0d142a2e24ecf376b28603fb04abb4
2024-01-03 14:35:06 +01:00
Ben Grande
083285901c
fix: remove old split-gpg from qubes-builder
2024-01-03 14:29:49 +01:00
Ben Grande
f8953c6acc
doc: better usage of split-gpg2 in qubes-builder
2023-12-28 12:26:37 +01:00
Ben Grande
b52e4b1b63
fix: strict split-gpg2 service
...
Split-gpg V1 allowed for querying public keys, but as split-gpg2 is
running as an agent, public keys are not queried. Allowing connection to
the server to query only public parts of the key exposes the server more
than needed to the client.
All clients now have to hold the public key they need locally in order
to do GPG operations.
2023-12-28 11:47:41 +01:00
Ben Grande
b4d142b640
refactor: move appended states to drop-in rc.local
2023-12-19 22:50:59 +01:00
Ben Grande
5eebd789ed
refactor: initial commit
2023-11-13 14:33:28 +00:00