Patrick Schleizer
|
d4c79cce69
|
add "Depends: libpam-runtime" so pam-auth-update is available
for Debian maintainer script
|
2019-07-07 21:09:26 +00:00 |
|
Patrick Schleizer
|
f68b96241c
|
comment
|
2019-07-07 21:08:28 +00:00 |
|
Patrick Schleizer
|
91fb21aafb
|
Due to error:
Jul 07 20:35:39 host sudo[16090]: PAM unable to dlopen(pam_cgfs.so): /lib/security/pam_cgfs.so: cannot open shared object file: No such file or directory
Jul 07 20:35:39 host sudo[16090]: PAM adding faulty module: pam_cgfs.so
run:
pam-auth-update --package
from Debian maintainer scripts
|
2019-07-07 16:51:40 -04:00 |
|
Patrick Schleizer
|
e543c4bf82
|
apparmor fixes (this broke whonixcheck apparmor profile)
|
2019-07-07 16:37:46 -04:00 |
|
Patrick Schleizer
|
8f4a5f33b9
|
bumped changelog version
|
2019-07-07 09:39:12 +00:00 |
|
Patrick Schleizer
|
3558a9949f
|
Enable APT seccomp sandboxing.
Thanks to @torjunkie for the suggestion!
https://forums.whonix.org/t/apt-seccomp-bpf-sandboxing/7702
|
2019-07-07 09:37:25 +00:00 |
|
Patrick Schleizer
|
93e81b4330
|
bumped changelog version
|
2019-07-06 13:56:28 +00:00 |
|
Patrick Schleizer
|
3cd1a5ec09
|
fix lintian warning
|
2019-07-06 13:56:00 +00:00 |
|
Patrick Schleizer
|
b73cdfd7cc
|
bumped changelog version
|
2019-07-06 13:53:10 +00:00 |
|
Patrick Schleizer
|
7b0b9da32c
|
Merge remote-tracking branch 'origin/master'
|
2019-07-06 07:06:54 -04:00 |
|
Patrick Schleizer
|
649878fdcb
|
Merge pull request #20 from madaidan/patch-15
Blacklist HDLC and use "install" for blacklisting firewire/thunderbolt
|
2019-07-06 11:06:25 +00:00 |
|
madaidan
|
8888147e1e
|
Update control
|
2019-07-04 14:26:31 +00:00 |
|
madaidan
|
46409be8b6
|
Use install instead of blacklist
|
2019-07-04 14:25:28 +00:00 |
|
madaidan
|
eb7eaffba1
|
Blacklist n-hdlc
|
2019-07-04 14:24:44 +00:00 |
|
Patrick Schleizer
|
6df7b3c295
|
bumped changelog version
|
2019-07-01 15:23:49 +00:00 |
|
Patrick Schleizer
|
f82731698c
|
re-enable PrivateNetwork=true
|
2019-07-01 14:53:01 +00:00 |
|
Patrick Schleizer
|
81b38529d9
|
add copyright for files in etc/pam.d/*
|
2019-07-01 13:58:20 +00:00 |
|
Patrick Schleizer
|
552b6edbed
|
fix machine readable copyright format
|
2019-07-01 13:51:00 +00:00 |
|
Patrick Schleizer
|
a05264934b
|
add copyright for etc/login.defs.security-misc
|
2019-07-01 13:46:01 +00:00 |
|
Patrick Schleizer
|
48e511347c
|
fix lintian warning
|
2019-07-01 13:37:55 +00:00 |
|
Patrick Schleizer
|
93c0821054
|
config-package-dev displace files for change umask
https://forums.whonix.org/t/change-default-umask/7416
|
2019-07-01 13:35:45 +00:00 |
|
Patrick Schleizer
|
a73f0566e9
|
change default umask to 006
session optional pam_umask.so usergroups
https://forums.whonix.org/t/change-default-umask/7416/17
|
2019-07-01 13:25:23 +00:00 |
|
Patrick Schleizer
|
41b61e3277
|
revert to Debian buster original
|
2019-07-01 13:24:29 +00:00 |
|
Patrick Schleizer
|
88a78b1c87
|
Merge remote-tracking branch 'origin/master'
|
2019-07-01 09:21:05 -04:00 |
|
Patrick Schleizer
|
8c60e7c67f
|
Merge pull request #18 from madaidan/patch-14
Change the default umask to 006
|
2019-07-01 13:20:21 +00:00 |
|
Patrick Schleizer
|
24cc8e380d
|
comment out proc-hidepid.service hardening for now
since broken in Qubes Debian AppVMs
https://forums.whonix.org/t/kernel-hardening/7296/104
|
2019-07-01 03:43:02 -04:00 |
|
Patrick Schleizer
|
0bffc7a930
|
Merge remote-tracking branch 'origin/master'
|
2019-07-01 03:08:26 -04:00 |
|
Patrick Schleizer
|
3c176ce158
|
allow permissions openat mkdir
since required in Qubes Debian templates
|
2019-07-01 03:07:14 -04:00 |
|
Patrick Schleizer
|
344d009032
|
Merge pull request #19 from madaidan/patch-15
Add licensing to proc-hidepid.service
|
2019-07-01 06:39:28 +00:00 |
|
madaidan
|
b8f2aee905
|
Add licensing
|
2019-06-30 13:22:43 +00:00 |
|
madaidan
|
cfaafe400c
|
Update control
|
2019-06-30 13:16:12 +00:00 |
|
madaidan
|
eedeaa0e7f
|
Update common-session-noninteractive
|
2019-06-30 13:12:59 +00:00 |
|
madaidan
|
a9af85f585
|
Update common-session
|
2019-06-30 13:12:16 +00:00 |
|
madaidan
|
1e1d29cfde
|
Create common-session-noninteractive
|
2019-06-30 13:11:31 +00:00 |
|
madaidan
|
501901f7c0
|
Change default umask to 006
|
2019-06-30 13:10:54 +00:00 |
|
madaidan
|
09a5c27f47
|
Create common-session
|
2019-06-30 13:10:29 +00:00 |
|
madaidan
|
a319333493
|
Create login.defs
|
2019-06-30 13:09:51 +00:00 |
|
Patrick Schleizer
|
f26ad14d4c
|
bumped changelog version
|
2019-06-30 07:21:58 -04:00 |
|
Patrick Schleizer
|
b8ace6e3f6
|
bump
|
2019-06-30 07:21:31 -04:00 |
|
Patrick Schleizer
|
f3a4800987
|
bumped changelog version
|
2019-06-30 08:23:51 +00:00 |
|
Patrick Schleizer
|
85f61758c5
|
fix package description
|
2019-06-30 04:11:38 -04:00 |
|
Patrick Schleizer
|
e473397061
|
Merge remote-tracking branch 'origin/master'
|
2019-06-30 04:11:12 -04:00 |
|
Patrick Schleizer
|
ec78a3e42e
|
Merge pull request #17 from madaidan/patch-13
Disable coredumps
|
2019-06-30 08:10:28 +00:00 |
|
Patrick Schleizer
|
67de5247c8
|
Merge branch 'master' into patch-13
|
2019-06-30 08:10:04 +00:00 |
|
Patrick Schleizer
|
9525ff87c6
|
Merge pull request #16 from madaidan/patch-12
Mount /proc with hidepid=2
|
2019-06-30 08:09:23 +00:00 |
|
madaidan
|
dbfb9e1cdf
|
Update control
|
2019-06-30 00:21:46 +00:00 |
|
madaidan
|
024a698249
|
Update control
|
2019-06-30 00:20:38 +00:00 |
|
madaidan
|
230ef34db4
|
Create disable-coredumps.conf
|
2019-06-30 00:19:04 +00:00 |
|
madaidan
|
1bf802f846
|
Create coredumps.conf
|
2019-06-30 00:16:50 +00:00 |
|
madaidan
|
f040081a59
|
Prevent setuid processes from creating coredumps.
|
2019-06-30 00:13:52 +00:00 |
|