Patrick Schleizer
a67007f4b7
copyright
2021-03-17 09:45:21 -04:00
Patrick Schleizer
2ceea8d1fe
update copyright year
2020-04-01 08:49:59 -04:00
Patrick Schleizer
ad022fc0b7
fix
2020-04-01 08:21:06 -04:00
Patrick Schleizer
c22adbd92f
notify if security-misc installation is forced
2020-03-30 18:39:23 -04:00
Patrick Schleizer
f663b5eff8
skip check if any non-root user is a member of group sudo and console if
...
environment variable `SECURITY_MISC_INSTALL` is set to `force`
2020-03-30 17:15:02 -04:00
Patrick Schleizer
bc22fc9fdb
skip check if any non-root user is a member of group sudo and console if file
...
/var/lib/security-misc/skip_install_check exists
2020-03-30 17:12:43 -04:00
Patrick Schleizer
fbe9b60d95
fix Whonix / Kicksecure
...
/var/lib/dpkg/tmp.ci/preinst: ERROR: No user is a member of group 'console'. Installation aborted.
/var/lib/dpkg/tmp.ci/preinst: ERROR: You probably want to run:
sudo adduser user console
2020-01-20 08:49:02 -05:00
Patrick Schleizer
660837dc38
fix case when user "user" does not exists
2020-01-14 09:25:32 -05:00
Patrick Schleizer
18c726c3ee
comment
2020-01-14 09:23:02 -05:00
Patrick Schleizer
b8652681e7
fix legacy
2020-01-14 09:21:47 -05:00
Patrick Schleizer
2a3aae62b1
fix
2019-12-31 06:06:52 -05:00
Patrick Schleizer
e89552c984
add user "user" to group "console" in Whonix and Kicksecure
...
enable Console Lockdown in Whonix and Kicksecure
2019-12-31 05:55:44 -05:00
Patrick Schleizer
62eb462920
skip console_users_check for Qubes users
2019-12-16 06:46:48 -05:00
Patrick Schleizer
729fa26eca
use pam_acccess only for /etc/pam.d/login
...
remove "Allow members of group 'ssh' to login."
remove "+:ssh:ALL EXCEPT LOCAL"
2019-12-12 09:00:08 -05:00
Patrick Schleizer
88bea2a6ef
comment
2019-12-10 03:53:10 -05:00
Patrick Schleizer
7d8001ddc9
refactoring
2019-12-10 03:51:39 -05:00
Patrick Schleizer
d2f6ac0491
fix, do user/group modifications in preinst rather than postinst
2019-12-10 03:50:23 -05:00
Patrick Schleizer
ebae9eef38
skip sudo_users_check in Qubes
...
Qubes users can use dom0 to get a root terminal emulator.
For example:
qvm-run -u root debian-10 xterm
2019-12-08 04:25:19 -05:00
Patrick Schleizer
a345a0fb64
abort installation if ssh.service is enabled but no user is member of group ssh
2019-12-08 03:27:12 -05:00
Patrick Schleizer
cea598dc1a
refactoring
2019-12-08 02:43:05 -05:00
Patrick Schleizer
54f5e02c21
comment
2019-12-08 02:42:30 -05:00
Patrick Schleizer
b4265195f4
refactoring
2019-12-08 02:41:36 -05:00
Patrick Schleizer
0f65b2e85c
abort installation if no user is a member of group "console"; output
...
https://forums.whonix.org/t/etc-security-hardening-console-lockdown-pam-access-access-conf/8592/7
2019-12-08 02:38:19 -05:00
Patrick Schleizer
e76e1475b0
comment
2019-11-22 12:24:35 -05:00
Patrick Schleizer
203d5cfa68
copyright
2019-10-31 11:19:44 -04:00
Patrick Schleizer
957deac5cb
fix lintian warning
...
W: security-misc: maintainer-script-should-not-parse-etc-passwd-or-group preinst:19
2019-10-18 10:38:25 +00:00
Patrick Schleizer
c9d75ef9ea
abort installation if no user is part of group sudo
...
https://forums.whonix.org/t/is-security-misc-suitable-for-hardening-bridges-and-relays/8299/4
Thanks to minimal for the bug report!
2019-10-17 06:46:47 -04:00