security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2025-11-26 00:28:28 -05:00

Author	SHA1	Message	Date
Patrick Schleizer	31fd316e72	comments	2025-08-20 09:48:20 -04:00
Aaron Rainbolt	b5a36e02f1	Merge remote-tracking branch 'raja/panic_limits' into arraybolt3/trixie	2025-08-17 13:52:01 -05:00
raja-grewal	247015bcc6	Set `sysctl kernel.panic=-1`	2025-08-17 06:27:44 +00:00
raja-grewal	f1de0da69b	Clarify description on panics on oopses and warns	2025-08-16 04:01:12 +00:00
raja-grewal	fce86dccb6	Typo	2025-08-13 10:44:40 +10:00
Aaron Rainbolt	c33ea7be6d	Move security-misc/apt-get-update* to helper-scripts	2025-08-10 15:23:48 -05:00
Aaron Rainbolt	5f2425ba6f	Merge branch 'arraybolt3/emerg-shutdown' into arraybolt3/trixie	2025-08-06 20:21:01 -05:00
Aaron Rainbolt	3a77abe5c9	Port hardening options from kloak to emerg-shutdown, fix new compiler warnings	2025-08-06 20:11:02 -05:00
Aaron Rainbolt	44e7d3059a	Integrate emerg-shutdown into the initramfs	2025-08-06 19:10:14 -05:00
Aaron Rainbolt	86f44063eb	Port to Trixie.	2025-08-05 22:58:06 -05:00
raja-grewal	45d20dd972	Upgrade sysctls and docs on kernel panics	2025-08-06 02:35:15 +00:00
Aaron Rainbolt	63f2909341	Fix emerg-shutdown and ensure-shutdown libexec scripts, start emerg-shutdown and ensure-shutdown earlier	2025-08-03 15:00:14 -05:00
Patrick Schleizer	92bcd824e4	also parse /usr/local/etc	2025-08-03 07:17:25 -04:00
Patrick Schleizer	b9416fa77a	validate configuration file	2025-08-03 07:15:41 -04:00
Aaron Rainbolt	1a60da71ed	emerg-shutdown: Add shutdown timeout for preventing stuck shutdowns, briefly document feature set and usage	2025-07-29 21:16:51 -05:00
Aaron Rainbolt	e42078e90d	emerg-shutdown: fix the hang-on-shutdown bug, add autodetection of new keyboards, shutdown key configuration, and instant shutdown option	2025-07-28 20:43:54 -05:00
Aaron Rainbolt	e387086de4	Allow specifying alternative keys in panic key combo, fix optical disk eject handling	2025-07-15 00:01:50 -05:00
Aaron Rainbolt	2a7071055f	Merge branch 'master' into arraybolt3/emerg-shutdown	2025-07-13 15:21:34 -05:00
Aaron Rainbolt	109c013467	Add comment related to approx package caching proxy	2025-06-12 01:08:34 -05:00
Patrick Schleizer	3e102df765	fix	2025-05-28 08:37:03 -04:00
Patrick Schleizer	142ea21189	fix	2025-05-21 12:42:16 -04:00
Patrick Schleizer	a969fa350e	fix	2025-05-21 12:40:27 -04:00
Patrick Schleizer	f023651c98	nounset	2025-05-21 12:35:37 -04:00
Patrick Schleizer	f086787464	fix	2025-05-21 12:35:23 -04:00
Patrick Schleizer	d7643954d1	minor	2025-05-21 12:33:50 -04:00
Patrick Schleizer	aa905fc887	further validation of output of `faillock`	2025-05-21 12:32:16 -04:00
Patrick Schleizer	92d3a36a0f	fix	2025-05-21 12:29:01 -04:00
Patrick Schleizer	2c1abb23e0	output	2025-05-21 12:26:46 -04:00
Patrick Schleizer	0801b96ae7	output	2025-05-21 12:25:49 -04:00
Patrick Schleizer	ef8515ba82	improve error handling	2025-05-21 12:23:45 -04:00
Patrick Schleizer	784867e24b	fix	2025-05-21 12:21:45 -04:00
Patrick Schleizer	e1bae1c68a	fix	2025-05-21 11:50:59 -04:00
Patrick Schleizer	353b6e83c5	test that `wc` is functional https://github.com/Kicksecure/security-misc/pull/305#issuecomment-2892378246	2025-05-21 07:20:13 -04:00
Patrick Schleizer	5930e27052	pam-info: improve error handling https://github.com/Kicksecure/security-misc/pull/305#issuecomment-2892378246	2025-05-21 07:05:25 -04:00
Patrick Schleizer	5c981e0891	pam-info: fix, consistently write errors and warnings to stderr	2025-05-21 06:55:09 -04:00
Patrick Schleizer	405880e63b	handle case of non-existence of /proc/cmdline	2025-05-18 06:44:42 -04:00
Patrick Schleizer	88235cc97b	refactoring	2025-05-18 06:44:04 -04:00
Patrick Schleizer	601ea77b00	end-of-options	2025-05-18 06:42:39 -04:00
Patrick Schleizer	d8feca1276	printf	2025-05-18 06:41:41 -04:00
Patrick Schleizer	7f2ba0980d	refactoring	2025-05-18 06:40:50 -04:00
DMHalford	91a76db66b	Prevent erroneous "Login blocked after [negative number] attempts" errors For root, faillock appears to always* return an empty string (i.e. no table headers are present), yielding a zero-initialized pam_faillock_output_count and thus resulting in the calculation of a negative failed_login_counter value. This can cause erroneous errors of the form "ERROR: Login blocked after [negative number] attempts" during sudo-ing and screen unlocking. This commit modifies the initialization of failed_login_counter such that it cannot be negative and prevents the display of these incorrect warnings. * Only rudimentary local tests were conducted	2025-05-15 15:42:50 -04:00
DMHalford	6c3be9ced0	Prevent erroneous "Login blocked after [negative number] attempts" errors For root, faillock appears to always* return an empty string (i.e. no table headers are present), yielding a zero-initialized pam_faillock_output_count and thus resulting in the calculation of a negative failed_login_counter value. This can cause erroneous errors of the form "ERROR: Login blocked after [negative number] attempts" during sudo-ing and screen unlocking. This commit modifies the initialization of failed_login_counter such that it cannot be negative and prevents the display of these incorrect warnings. * Only rudimentary tests were conducted	2025-05-15 15:06:10 -04:00
Aaron Rainbolt	f3d46ee562	Add emergency shutdown feature, triggered by root device removal	2025-05-09 18:46:41 -05:00
Patrick Schleizer	06e1e44b00	comments	2025-04-25 05:51:21 -04:00
Patrick Schleizer	9948ae114d	fix	2025-04-19 13:24:17 -04:00
Patrick Schleizer	4aca622706	fix	2025-04-19 13:23:26 -04:00
Patrick Schleizer	701f4a0e88	output	2025-04-19 13:20:04 -04:00
Patrick Schleizer	a670c0d873	comment	2025-04-19 13:18:23 -04:00
Patrick Schleizer	4799f3ce02	make `/usr/libexec/security-misc/apt-get-update` more reliable	2025-04-19 13:17:28 -04:00
Patrick Schleizer	c4f0e1d16f	refactoring	2025-04-19 12:57:14 -04:00

1 2 3 4 5

215 commits