Merge branch 'master' into arraybolt3/permission-hardener-refactor

2025-02-13 04:41:22 -05:00 · 2025-01-01 15:04:01 -06:00 · 2025-01-01 15:04:01 -06:00 · 895c0f541f
commit 895c0f541f
parent 717e6fcfbe 40b23cfad4
123 changed files with 223 additions and 135 deletions
--- a/2
+++ b/2
@ -1,7 +1,7 @@
 Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/

 Files: *
-Copyright: 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+Copyright: 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 License: AGPL-3+

 License: AGPL-3+
--- a/README.md
+++ b/README.md
@ -584,28 +584,30 @@ See:

 #### umask

-Default `umask` is set to `027` for files created by non-root users such as
-user `user`.
+The default `umask` is set to `027` for files created by non-root users, such
+as the account `user`.

 This is done using the PAM module `pam_mkhomedir.so umask=027`.

-This means files created by non-root users cannot be read by other non-root
-users by default. While Permission Lockdown already protects the `/home` folder,
-this protects other folders such as `/tmp`.
+This configuration ensures that files created by non-root users cannot be read
+by other non-root users by default. While Permission Lockdown already protects
+the `/home` folder, this setting extends protection to other folders such as
+`/tmp`.

 `group` read permissions are not removed. This is unnecessary due to Debian's
 use of User Private Groups (UPGs). See also:
 https://wiki.debian.org/UserPrivateGroups

-Default `umask` is unchanged for root because then configuration files created
-in `/etc` by the system administrator would be unreadable by "others" and break
-applications. Examples include `/etc/firefox-esr` and `/etc/thunderbird`. The
-`umask` is also set to 022 via `sudoers` configuration, so that files created
-as root are world-readable even when using commands such as `sudo vi
-/etc/file` or `sudo -i; touch /etc/file`.
+The default `umask` is unchanged for root because configuration files created
+in `/etc` by the system administrator would otherwise be unreadable by
+"others," potentially breaking applications. Examples include `/etc/firefox-esr`
+and `/etc/thunderbird`. Additionally, the `umask` is set to `022` via `sudoers`
+configuration, ensuring that files created as root are world-readable, even
+when using commands such as `sudo vi /etc/file` or `sudo -i; touch /etc/file`.

-`umask` is set to 022 rather than 027 when using `sudo`, so that commands such
-as `sudo vi /etc/configfile` and `sudo -i; touch /etc/file`
+When using `sudo`, the `umask` is set to `022` rather than `027` to ensure
+compatibility with commands such as `sudo vi /etc/configfile` and
+`sudo -i; touch /etc/file`.

 See:

--- a/changelog.upstream
+++ b/changelog.upstream
@ -1,3 +1,65 @@
+commit 33114f771aaeb4dccb0b465861d1239129deb8b2
+Author: Patrick Schleizer <adrelanos@whonix.org>
+Date:   Tue Dec 31 13:26:21 2024 -0500
+
+    copyright
+
+commit bb24bff2965ca31de6337820eafd787a11a44a2b
+Author: Patrick Schleizer <adrelanos@whonix.org>
+Date:   Tue Dec 31 14:09:34 2024 +0000
+
+    bumped changelog version
+
+commit 0640964c35b0d977ba718629d4a8791e67700202
+Author: Patrick Schleizer <adrelanos@whonix.org>
+Date:   Tue Dec 31 06:14:29 2024 -0500
+
+    readme
+
+commit 397b476a822c9f7e41ec911f5d689b67026660ad
+Author: Patrick Schleizer <adrelanos@whonix.org>
+Date:   Thu Dec 26 04:12:02 2024 +0000
+
+    bumped changelog version
+
+commit 66f8c18c65f33676d242b57ebb1d4410876461b3
+Merge: aa82202 6602fb1
+Author: Patrick Schleizer <adrelanos@whonix.org>
+Date:   Wed Dec 25 22:43:04 2024 -0500
+
+    Merge remote-tracking branch 'ArrayBolt3/arraybolt3/sysmaint'
+
+commit 6602fb102dedc21300ae4c4519f3d9ef4e668045
+Author: Aaron Rainbolt <arraybolt3@ubuntu.com>
+Date:   Tue Dec 24 20:52:34 2024 -0600
+
+    Adjust pam-info messaging for sysmaint mode
+
+commit aa82202e701167eacb63eac208469844e983ca43
+Author: Patrick Schleizer <adrelanos@whonix.org>
+Date:   Tue Dec 24 05:16:22 2024 +0000
+
+    bumped changelog version
+
+commit 27d015d58ebc5e750d9d06f042b761720473941d
+Merge: 3c73c0c 2f3a2bc
+Author: Patrick Schleizer <adrelanos@whonix.org>
+Date:   Tue Dec 24 00:08:58 2024 -0500
+
+    Merge remote-tracking branch 'ArrayBolt3/arraybolt3/sysmaint'
+
+commit 2f3a2bce7756efe75cd8aaf5066b599b4c49bbdc
+Author: Aaron Rainbolt <arraybolt3@ubuntu.com>
+Date:   Fri Dec 20 11:04:22 2024 -0600
+
+    Add warning about using non-sysmaint accounts in sysmaint mode
+
+commit 3c73c0cd3a845d1a484551ff50f59e5f2ef56a68
+Author: Patrick Schleizer <adrelanos@whonix.org>
+Date:   Fri Dec 20 06:01:27 2024 +0000
+
+    bumped changelog version
+
 commit a4c76c617a18a49168e0ffdba2d8b0ae834f2877
 Author: Patrick Schleizer <adrelanos@whonix.org>
 Date:   Fri Dec 20 01:01:13 2024 -0500
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,27 @@
+security-misc (3:42.1-1) unstable; urgency=medium
+
+  * New upstream version (local package).
+
+ -- Patrick Schleizer <adrelanos@whonix.org>  Tue, 31 Dec 2024 18:42:01 +0000
+
+security-misc (3:42.0-1) unstable; urgency=medium
+
+  * New upstream version (local package).
+
+ -- Patrick Schleizer <adrelanos@whonix.org>  Tue, 31 Dec 2024 14:09:34 +0000
+
+security-misc (3:41.9-1) unstable; urgency=medium
+
+  * New upstream version (local package).
+
+ -- Patrick Schleizer <adrelanos@whonix.org>  Thu, 26 Dec 2024 04:12:02 +0000
+
+security-misc (3:41.8-1) unstable; urgency=medium
+
+  * New upstream version (local package).
+
+ -- Patrick Schleizer <adrelanos@whonix.org>  Tue, 24 Dec 2024 05:16:21 +0000
+
 security-misc (3:41.7-1) unstable; urgency=medium

  * New upstream version (local package).
--- a/debian/copyright
+++ b/debian/copyright
@ -1,7 +1,7 @@
 Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/

 Files: *
-Copyright: 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+Copyright: 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 License: AGPL-3+

 License: AGPL-3+
--- a/debian/make-helper-overrides.bsh
+++ b/debian/make-helper-overrides.bsh
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2021 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2021 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## https://forums.whonix.org/t/blacklist-more-kernel-modules-to-reduce-attack-surface/7989/24
--- a/debian/rules
+++ b/debian/rules
@ -1,6 +1,6 @@
 #!/usr/bin/make -f

-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 #export DH_VERBOSE=1
--- a/debian/security-misc.displace
+++ b/debian/security-misc.displace
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 /etc/securetty.security-misc
--- a/debian/security-misc.gconf-defaults
+++ b/debian/security-misc.gconf-defaults
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 /apps/nautilus/preview_sound never
--- a/debian/security-misc.install
+++ b/debian/security-misc.install
@ -1,4 +1,4 @@
-## Copyright (C) 2020 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2020 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## This file was generated using 'genmkfile debinstfile'.
--- a/debian/security-misc.links
+++ b/debian/security-misc.links
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 /etc/profile.d/30_security-misc.sh /etc/zprofile.d/30_security-misc.zsh
--- a/debian/security-misc.maintscript
+++ b/debian/security-misc.maintscript
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 rm_conffile /etc/sudoers.d/umask-security-misc
--- a/debian/security-misc.postinst
+++ b/debian/security-misc.postinst
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 if [ -f /usr/libexec/helper-scripts/pre.bsh ]; then
--- a/debian/security-misc.postrm
+++ b/debian/security-misc.postrm
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 if [ -f /usr/libexec/helper-scripts/pre.bsh ]; then
--- a/debian/security-misc.preinst
+++ b/debian/security-misc.preinst
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 if [ -f /usr/libexec/helper-scripts/pre.bsh ]; then
--- a/debian/security-misc.prerm
+++ b/debian/security-misc.prerm
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 if [ -f /usr/libexec/helper-scripts/pre.bsh ]; then
--- a/debian/security-misc.triggers
+++ b/debian/security-misc.triggers
@ -1,4 +1,4 @@
-## Copyright (C) 2024 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2024 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## use noawait
--- a/debian/security-misc.undisplace
+++ b/debian/security-misc.undisplace
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 /etc/login.defs.security-misc
--- a/debian/watch
+++ b/debian/watch
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 version=4
--- a/etc/apparmor.d/tunables/home.d/security-misc
+++ b/etc/apparmor.d/tunables/home.d/security-misc
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 alias /etc/pam.d/common-session -> /etc/pam.d/common-session.security-misc,
--- a/etc/apt/apt.conf.d/40error-on-any
+++ b/etc/apt/apt.conf.d/40error-on-any
@ -1,4 +1,4 @@
-## Copyright (C) 2021 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2021 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Make "sudo apt-get update" exit non-zero for transient failures.
--- a/etc/apt/apt.conf.d/40sandbox
+++ b/etc/apt/apt.conf.d/40sandbox
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## https://forums.whonix.org/t/apt-seccomp-bpf-sandboxing/7702
--- a/etc/bluetooth/30_security-misc.conf
+++ b/etc/bluetooth/30_security-misc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [General]
--- a/etc/default/grub.d/40_cpu_mitigations.cfg
+++ b/etc/default/grub.d/40_cpu_mitigations.cfg
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Definitions:
--- a/etc/default/grub.d/40_kernel_hardening.cfg
+++ b/etc/default/grub.d/40_kernel_hardening.cfg
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 kpkg="linux-image-$(dpkg --print-architecture)" || true
--- a/etc/default/grub.d/40_remount_secure.cfg
+++ b/etc/default/grub.d/40_remount_secure.cfg
@ -1,4 +1,4 @@
-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Definitions:
--- a/etc/default/grub.d/40_signed_modules.cfg
+++ b/etc/default/grub.d/40_signed_modules.cfg
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Definitions:
--- a/etc/default/grub.d/41_quiet_boot.cfg
+++ b/etc/default/grub.d/41_quiet_boot.cfg
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Definitions:
--- a/etc/default/grub.d/41_recovery_restrict.cfg
+++ b/etc/default/grub.d/41_recovery_restrict.cfg
@ -1,4 +1,4 @@
-## Copyright (C) 2024 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2024 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Definitions:
--- a/etc/dracut.conf.d/30-security-misc.conf
+++ b/etc/dracut.conf.d/30-security-misc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2021 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2021 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 reproducible=yes
--- a/etc/gitconfig
+++ b/etc/gitconfig
@ -1,4 +1,4 @@
-## Copyright (C) 2024 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2024 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Lines starting with a hash symbol ('#') are comments.
--- a/etc/hide-hardware-info.d/30_default.conf
+++ b/etc/hide-hardware-info.d/30_default.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Disable the /sys whitelist.
--- a/etc/initramfs-tools/hooks/sysctl-initramfs
+++ b/etc/initramfs-tools/hooks/sysctl-initramfs
@ -1,6 +1,6 @@
 #!/bin/sh

-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 set -e
--- a/etc/initramfs-tools/scripts/init-bottom/sysctl-initramfs
+++ b/etc/initramfs-tools/scripts/init-bottom/sysctl-initramfs
@ -1,6 +1,6 @@
 #!/bin/sh

-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 PREREQ=""
--- a/etc/kernel/postinst.d/30_remove-system-map
+++ b/etc/kernel/postinst.d/30_remove-system-map
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 if test -x /usr/libexec/security-misc/remove-system.map ; then
--- a/etc/modprobe.d/30_security-misc_blacklist.conf
+++ b/etc/modprobe.d/30_security-misc_blacklist.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## See the following links for a community discussion and overview regarding the selections.
--- a/etc/modprobe.d/30_security-misc_conntrack.conf
+++ b/etc/modprobe.d/30_security-misc_conntrack.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Conntrack:
--- a/etc/modprobe.d/30_security-misc_disable.conf
+++ b/etc/modprobe.d/30_security-misc_disable.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## See the following links for a community discussion and overview regarding the selections.
--- a/etc/profile.d/30_security-misc.sh
+++ b/etc/profile.d/30_security-misc.sh
@ -1,6 +1,6 @@
 #!/bin/sh

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 if [ -z "$XDG_CONFIG_DIRS" ]; then
--- a/etc/securetty.security-misc
+++ b/etc/securetty.security-misc
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 # /etc/securetty: list of terminals on which root is allowed to login.
--- a/etc/security/access-security-misc.conf
+++ b/etc/security/access-security-misc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## To enable root login, see:
--- a/etc/security/faillock.conf.security-misc
+++ b/etc/security/faillock.conf.security-misc
@ -1,4 +1,4 @@
-## Copyright (C) 2021 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2021 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 # Configuration for locking the user after multiple failed
--- a/etc/security/limits.d/30_security-misc.conf
+++ b/etc/security/limits.d/30_security-misc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Disable coredumps.
--- a/etc/skel/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
+++ b/etc/skel/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>

-<!-- ## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org> -->
+<!-- ## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org> -->
 <!-- ## See the file COPYING for copying conditions. -->

 <!-- Configuration for Thunar. -->
--- a/etc/sudoers.d/security-misc
+++ b/etc/sudoers.d/security-misc
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Neither of these are needed.
--- a/etc/systemd/system/emergency.service.d/override.conf
+++ b/etc/systemd/system/emergency.service.d/override.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802211
--- a/etc/systemd/system/rescue.service.d/override.conf
+++ b/etc/systemd/system/rescue.service.d/override.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802211
--- a/etc/thunderbird/pref/40_security-misc.js
+++ b/etc/thunderbird/pref/40_security-misc.js
@ -1,4 +1,4 @@
-//#### Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+//#### Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 //#### See the file COPYING for copying conditions.

 //#### meta start
--- a/usr/bin/disabled-bluetooth-by-security-misc
+++ b/usr/bin/disabled-bluetooth-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-cdrom-by-security-misc
+++ b/usr/bin/disabled-cdrom-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-filesys-by-security-misc
+++ b/usr/bin/disabled-filesys-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-firewire-by-security-misc
+++ b/usr/bin/disabled-firewire-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-framebuffer-by-security-misc
+++ b/usr/bin/disabled-framebuffer-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2024 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2024 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-gps-by-security-misc
+++ b/usr/bin/disabled-gps-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-intelme-by-security-misc
+++ b/usr/bin/disabled-intelme-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-intelpmt-by-security-misc
+++ b/usr/bin/disabled-intelpmt-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2024 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2024 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-miscellaneous-by-security-misc
+++ b/usr/bin/disabled-miscellaneous-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-netfilesys-by-security-misc
+++ b/usr/bin/disabled-netfilesys-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-network-by-security-misc
+++ b/usr/bin/disabled-network-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/disabled-thunderbolt-by-security-misc
+++ b/usr/bin/disabled-thunderbolt-by-security-misc
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Alerts user that a kernel module failed to load due to it being explicitly disabled by default.
--- a/usr/bin/permission-hardener
+++ b/usr/bin/permission-hardener
@ -1,7 +1,7 @@
 #!/bin/bash
 # shellcheck disable=SC2076

-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## https://forums.whonix.org/t/disable-suid-binaries/7706
--- a/usr/bin/remount-secure
+++ b/usr/bin/remount-secure
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## features:
--- a/usr/lib/NetworkManager/conf.d/80_ipv6-privacy.conf
+++ b/usr/lib/NetworkManager/conf.d/80_ipv6-privacy.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## MAC randomisation breaks root server and VirtualBox DHCP likely due to IPv6 Privacy Extensions.
--- a/usr/lib/NetworkManager/conf.d/80_randomize-mac.conf
+++ b/usr/lib/NetworkManager/conf.d/80_randomize-mac.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## MAC randomisation breaks root server and VirtualBox DHCP likely due to IPv6 Privacy Extensions.
--- a/usr/lib/dracut/modules.d-disabled/20remount-secure/module-setup.sh
+++ b/usr/lib/dracut/modules.d-disabled/20remount-secure/module-setup.sh
@ -1,6 +1,6 @@
 #!/bin/bash

-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 # called by dracut
--- a/usr/lib/dracut/modules.d-disabled/20remount-secure/remount-secure.sh
+++ b/usr/lib/dracut/modules.d-disabled/20remount-secure/remount-secure.sh
@ -1,6 +1,6 @@
 #!/bin/sh

-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## This script is intended to remount specified mount points with more secure
--- a/usr/lib/modules-load.d/30_security-misc.conf
+++ b/usr/lib/modules-load.d/30_security-misc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## https://www.whonix.org/wiki/Dev/Entropy
--- a/usr/lib/permission-hardener.d/25_default_sudo.conf
+++ b/usr/lib/permission-hardener.d/25_default_sudo.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_bubblewrap.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_bubblewrap.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_chromium.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_chromium.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_dbus.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_dbus.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_firejail.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_firejail.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_fuse.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_fuse.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_hardened_malloc.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_hardened_malloc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_mount.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_mount.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_pam.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_pam.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_passwd.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_passwd.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_policykit.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_policykit.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_postfix.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_postfix.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_qubes.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_qubes.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_selinux.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_selinux.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_spice.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_spice.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_ssh.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_ssh.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_sudo.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_sudo.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_unix_chkpwd.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_unix_chkpwd.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/25_default_whitelist_virtualbox.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_virtualbox.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/permission-hardener.d/30_default.conf
+++ b/usr/lib/permission-hardener.d/30_default.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Please use "/etc/permission-hardener.d/20_user.conf" or
--- a/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf
+++ b/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Definitions:
--- a/usr/lib/sysctl.d/30_silent-kernel-printk.conf
+++ b/usr/lib/sysctl.d/30_silent-kernel-printk.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## Definitions:
--- a/usr/lib/sysctl.d/990-security-misc.conf
+++ b/usr/lib/sysctl.d/990-security-misc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## NOTE:
--- a/usr/lib/systemd/coredump.conf.d/30_security-misc.conf
+++ b/usr/lib/systemd/coredump.conf.d/30_security-misc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [Coredump]
--- a/usr/lib/systemd/networkd.conf.d/80_ipv6-privacy-extensions.conf
+++ b/usr/lib/systemd/networkd.conf.d/80_ipv6-privacy-extensions.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## MAC randomisation breaks root server and VirtualBox DHCP likely due to IPv6 Privacy Extensions.
--- a/usr/lib/systemd/system-preset/50-security-misc.preset
+++ b/usr/lib/systemd/system-preset/50-security-misc.preset
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 ## https://forums.whonix.org/t/restrict-hardware-information-to-root-testers-wanted/8618
--- a/usr/lib/systemd/system/harden-module-loading.service
+++ b/usr/lib/systemd/system/harden-module-loading.service
@ -1,4 +1,4 @@
-## Copyright (C) 2023 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2023 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [Unit]
--- a/usr/lib/systemd/system/haveged.service.d/30_security-misc.conf
+++ b/usr/lib/systemd/system/haveged.service.d/30_security-misc.conf
@ -1,4 +1,4 @@
-## Copyright (C) 2021 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2021 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [Service]
--- a/usr/lib/systemd/system/hide-hardware-info.service
+++ b/usr/lib/systemd/system/hide-hardware-info.service
@ -1,4 +1,4 @@
-## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [Unit]
--- a/usr/lib/systemd/system/panic-on-oops.service
+++ b/usr/lib/systemd/system/panic-on-oops.service
@ -1,4 +1,4 @@
-## Copyright (C) 2024 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2024 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [Unit]
--- a/usr/lib/systemd/system/permission-hardener.service
+++ b/usr/lib/systemd/system/permission-hardener.service
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [Unit]
--- a/usr/lib/systemd/system/proc-hidepid.service
+++ b/usr/lib/systemd/system/proc-hidepid.service
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [Unit]
--- a/usr/lib/systemd/system/remount-secure.service
+++ b/usr/lib/systemd/system/remount-secure.service
@ -1,4 +1,4 @@
-## Copyright (C) 2019 - 2024 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
 ## See the file COPYING for copying conditions.

 [Unit]
--- a/Show More
+++ b/Show More