Patrick Schleizer
|
cb668459e8
|
port umask from /etc/pam.d to /usr/share/pam-configs implementation
https://forums.whonix.org/t/change-default-umask/7416
|
2019-07-13 10:35:10 -04:00 |
|
Patrick Schleizer
|
ac25733de8
|
remove etc/pam.d/common-password.security-misc rounds=65536
due to unclean implementation, see:
https://forums.whonix.org/t/restrict-root-access/7658/37
|
2019-07-13 14:01:53 +00:00 |
|
Patrick Schleizer
|
69b97981f3
|
convert etc/pam.d/su.security-misc to usr/share/pam-configs/wheel
https://forums.whonix.org/t/restrict-root-access/7658/32
|
2019-07-13 12:33:51 +00:00 |
|
Patrick Schleizer
|
4079632d1a
|
remove modifying to /etc/pam.d directly (unrelased)
config-package-dev displace /etc/securetty
remove trailing spaces
https://forums.whonix.org/t/restrict-root-access/7658/31
|
2019-07-13 11:41:37 +00:00 |
|
Patrick Schleizer
|
cdb7c6f7eb
|
bumped changelog version
|
2019-07-11 18:28:04 +00:00 |
|
Patrick Schleizer
|
aee6b34635
|
fix lintian warning
|
2019-07-11 18:26:17 +00:00 |
|
Patrick Schleizer
|
a40a04aaec
|
Merge remote-tracking branch 'origin/master'
|
2019-07-11 14:08:30 -04:00 |
|
Patrick Schleizer
|
93190ebf10
|
Merge pull request #25 from madaidan/patch-20
Improve documentation of blacklisting uncommon network protocols
|
2019-07-11 18:08:01 +00:00 |
|
madaidan
|
1aee08fa5e
|
Update control
|
2019-07-11 15:30:09 +00:00 |
|
madaidan
|
b63d4ccb41
|
Update uncommon-network-protocols.conf
|
2019-07-11 15:28:56 +00:00 |
|
madaidan
|
853c2eb377
|
Update control
|
2019-07-11 15:26:14 +00:00 |
|
Patrick Schleizer
|
f5356cee2c
|
bumped changelog version
|
2019-07-11 07:16:38 +00:00 |
|
Patrick Schleizer
|
bea98474ba
|
chmod +x usr/lib/security-misc/panic-on-oops
|
2019-07-11 07:07:21 +00:00 |
|
Patrick Schleizer
|
0057c0dd8c
|
fix lintian warning
|
2019-07-11 07:07:01 +00:00 |
|
Patrick Schleizer
|
2a893c0562
|
Merge remote-tracking branch 'origin/master'
|
2019-07-11 06:50:35 +00:00 |
|
Patrick Schleizer
|
a54500c6f1
|
Merge pull request #23 from madaidan/patch-18
Blacklist more uncommon network protocols
|
2019-07-11 06:41:37 +00:00 |
|
Patrick Schleizer
|
7d3a61564d
|
Merge pull request #24 from madaidan/patch-19
Move disable-coredumps.conf to correct position
|
2019-07-11 06:41:08 +00:00 |
|
madaidan
|
932524cbd1
|
Move disable-coredumps.conf to correct position
|
2019-07-10 15:28:48 +00:00 |
|
madaidan
|
1e4d349516
|
Update control
|
2019-07-10 14:28:39 +00:00 |
|
madaidan
|
4058e283a5
|
Blacklist more uncommon network protocols
|
2019-07-10 14:27:19 +00:00 |
|
madaidan
|
d70440aaed
|
Remove duplicate
|
2019-07-09 21:57:37 +00:00 |
|
madaidan
|
a8b44c75f9
|
Update control
|
2019-07-09 21:57:07 +00:00 |
|
madaidan
|
2d27bdd808
|
Blacklist more uncommon network protocols
|
2019-07-09 21:55:37 +00:00 |
|
Patrick Schleizer
|
3df6a44e98
|
also allow members of group sudo to run /usr/lib/security-misc/panic-on-oops
|
2019-07-09 06:56:23 -04:00 |
|
Patrick Schleizer
|
5fb500ac32
|
Merge remote-tracking branch 'origin/master'
|
2019-07-09 06:55:27 -04:00 |
|
Patrick Schleizer
|
e4bb77037e
|
Merge pull request #21 from madaidan/patch-16
Make the kernel panic on oopses
|
2019-07-09 10:54:48 +00:00 |
|
Patrick Schleizer
|
0f15303eb4
|
Merge branch 'master' into patch-16
|
2019-07-09 10:54:24 +00:00 |
|
Patrick Schleizer
|
8793708906
|
Merge remote-tracking branch 'origin/master'
|
2019-07-09 03:23:26 -04:00 |
|
Patrick Schleizer
|
a9441e7be4
|
Merge pull request #22 from madaidan/patch-17
Restrict access to the root account
|
2019-07-09 07:21:47 +00:00 |
|
madaidan
|
24b326d906
|
Update control
|
2019-07-08 23:24:41 +00:00 |
|
madaidan
|
24d9eadcb2
|
Use 65536 hashing rounds
|
2019-07-08 23:19:59 +00:00 |
|
madaidan
|
86117d9577
|
Create common-password.security-misc
|
2019-07-08 23:19:19 +00:00 |
|
madaidan
|
8ad9a54b09
|
Don't allow root login from a terminal
|
2019-07-08 23:17:17 +00:00 |
|
madaidan
|
890298a3c8
|
Restrict su to users in the root group
|
2019-07-08 23:15:56 +00:00 |
|
madaidan
|
38099a2a5d
|
Create su.security-misc
|
2019-07-08 23:11:17 +00:00 |
|
madaidan
|
45f8102d56
|
Update control
|
2019-07-08 23:04:47 +00:00 |
|
madaidan
|
2a17427055
|
Create security-misc
|
2019-07-08 23:01:30 +00:00 |
|
madaidan
|
4ac700ded0
|
Create 50panic_on_oops
|
2019-07-08 22:59:39 +00:00 |
|
madaidan
|
52c61011d4
|
Create panic-on-oops
|
2019-07-08 22:58:56 +00:00 |
|
Patrick Schleizer
|
50c00fcfa1
|
bumped changelog version
|
2019-07-08 00:23:52 +00:00 |
|
Patrick Schleizer
|
223b691833
|
add 'Depends: libpam-cgfs'
https://forums.whonix.org/t/change-default-umask/7416/30?u=patrick
|
2019-07-07 23:39:58 +00:00 |
|
Patrick Schleizer
|
d31a16f264
|
bumped changelog version
|
2019-07-07 23:00:27 +00:00 |
|
Patrick Schleizer
|
673aab6bc2
|
shut up pam-auth-update
|
2019-07-07 22:18:47 +00:00 |
|
Patrick Schleizer
|
67ff83262b
|
move to pam-auth-update --force
--package hangs in Qubes updater since it starts whiptail for interactive dpkg configuration dialog.
|
2019-07-07 21:31:56 +00:00 |
|
Patrick Schleizer
|
8399a11367
|
bumped changelog version
|
2019-07-07 21:11:08 +00:00 |
|
Patrick Schleizer
|
d4c79cce69
|
add "Depends: libpam-runtime" so pam-auth-update is available
for Debian maintainer script
|
2019-07-07 21:09:26 +00:00 |
|
Patrick Schleizer
|
f68b96241c
|
comment
|
2019-07-07 21:08:28 +00:00 |
|
Patrick Schleizer
|
91fb21aafb
|
Due to error:
Jul 07 20:35:39 host sudo[16090]: PAM unable to dlopen(pam_cgfs.so): /lib/security/pam_cgfs.so: cannot open shared object file: No such file or directory
Jul 07 20:35:39 host sudo[16090]: PAM adding faulty module: pam_cgfs.so
run:
pam-auth-update --package
from Debian maintainer scripts
|
2019-07-07 16:51:40 -04:00 |
|
Patrick Schleizer
|
e543c4bf82
|
apparmor fixes (this broke whonixcheck apparmor profile)
|
2019-07-07 16:37:46 -04:00 |
|
Patrick Schleizer
|
8f4a5f33b9
|
bumped changelog version
|
2019-07-07 09:39:12 +00:00 |
|