security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2025-03-14 20:36:29 -04:00

Author	SHA1	Message	Date
Patrick Schleizer	daf0a0900b	fix apt-get-update for non-English locale https://forums.kicksecure.com/t/systemcheck-reports-warning-debian-package-update-check-result-apt-get-reports-that-packages-can-be-updated-but-system-is-already-fully-upgraded/785	2024-12-19 04:39:34 -05:00
Patrick Schleizer	98d7c245ee	"\|\| exit 1" no longer required thanks to errexit	2024-11-25 15:57:30 -05:00
Patrick Schleizer	f9b5d7d3f4	use strict shell options	2024-11-25 15:48:01 -05:00
Patrick Schleizer	d32cb8c95b	use TMP, sponge, refactoring	2024-11-25 15:44:00 -05:00
Aaron Rainbolt	d7475e252a	Make apt-get-update able to be terminated securely	2024-11-21 20:03:42 -06:00
Patrick Schleizer	29ae5f5980	fix optional opt-in `harden-module-loading.service` by making `/usr/libexec/security-misc/disable-kernel-module-loading` executable Thanks to @ArrayBolt3 for the bug report!	2024-11-11 05:28:31 -05:00
Patrick Schleizer	71c58442ca	minor	2024-10-28 05:10:19 -04:00
Patrick Schleizer	cfe19e31d8	shell options	2024-10-28 05:09:53 -04:00
Patrick Schleizer	0d50615658	local	2024-10-28 05:07:00 -04:00
Patrick Schleizer	ef0eb5f7a0	refactoring	2024-10-28 05:06:26 -04:00
Patrick Schleizer	fdd1f4b7f8	refactoring	2024-10-28 05:06:05 -04:00
Patrick Schleizer	d00235897d	hide-hardware-info: also parse `/usr/local/etc/hide-hardware-info.d/*.conf`	2024-10-28 05:03:59 -04:00
Patrick Schleizer	6c2e808b9f	refactoring	2024-10-28 05:03:20 -04:00
Patrick Schleizer	566cda5e4b	output	2024-10-21 05:47:38 -04:00
Patrick Schleizer	5991a23049	comment	2024-10-21 05:47:25 -04:00
Aaron Rainbolt	690e8dd826	Avoid faillock lock/tally reset on reboot or timeout	2024-10-19 23:52:51 -05:00
Patrick Schleizer	b6433309fd	use end-of-options	2024-10-18 12:45:02 -04:00
Raja Grewal	3101035a3f	Enable `panic_on_warn=1`	2024-08-29 01:57:32 +10:00
Raja Grewal	32de5e7c49	Add details on oopses and warnings	2024-08-25 12:57:22 +10:00
Raja Grewal	e4909b5e28	Add details on kernel panics	2024-08-25 12:47:04 +10:00
Raja Grewal	ed3336694c	Provide the option to immediately reboot on a kernel panics	2024-07-25 10:28:27 +10:00
Raja Grewal	d0a59617f6	Add missing Copyright (C) statements	2024-07-18 00:13:30 +10:00
Raja Grewal	8f3896c3da	Upgrade hyperlinks to HTTPS	2024-07-17 23:44:37 +10:00
Raja Grewal	1bb843ec38	Update Copyright (C) to 2024	2024-05-11 13:18:36 +10:00
Patrick Schleizer	808e72f24b	use long options https://github.com/Kicksecure/security-misc/issues/172	2024-02-26 08:11:26 -05:00
Patrick Schleizer	2d1d1b246f	improve output https://github.com/Kicksecure/security-misc/issues/172	2024-02-26 08:07:29 -05:00
Patrick Schleizer	d8f5376c4f	improve output https://github.com/Kicksecure/security-misc/issues/172	2024-02-26 07:58:06 -05:00
Patrick Schleizer	cf84762a3a	improve output https://github.com/Kicksecure/security-misc/issues/172	2024-02-26 07:52:41 -05:00
Patrick Schleizer	f2958bbfa5	comment	2024-02-26 07:49:30 -05:00
Daniel Winzen	ef44ecea44	Add option to disabe /sys hardening	2024-02-22 17:27:46 +01:00
Daniel Winzen	3bc1765dbb	Allow access to /sys/fs for polkit	2024-02-22 17:27:45 +01:00
Patrick Schleizer	ad010ef5b4	debugging	2023-11-05 17:52:44 -05:00
Patrick Schleizer	3130a39d8c	set -e	2023-11-05 17:43:07 -05:00
Patrick Schleizer	36f3c30440	Merge pull request #148 from monsieuremre/module-loading-hardening Harden the loading of new modules to the kernel after install	2023-11-05 17:41:56 -05:00
Patrick Schleizer	4a19fbae0b	move permission-hardening to /usr/bin to make it more easily accessible	2023-11-05 15:13:01 -05:00
Patrick Schleizer	c75f80b29f	lower verbosity of permission hardener fixes https://github.com/Kicksecure/security-misc/issues/158	2023-11-05 15:09:29 -05:00
monsieuremre	19eceaa810	more fix	2023-11-04 20:56:46 +00:00
Patrick Schleizer	d71ac03d96	comment	2023-11-03 10:36:15 -04:00
monsieuremre	9f063584c1	disable-kernel-module-loading	2023-11-02 10:28:41 +00:00
Patrick Schleizer	a330a9fd75	refactor permission-lockdown	2023-10-26 19:20:21 -04:00
monsieuremre	91c445244c	actually we do it once indeed	2023-10-26 19:41:07 +00:00
monsieuremre	88f396264c	avoiding /etc/passwd	2023-10-26 19:35:59 +00:00
monsieuremre	b5ba03247a	readability	2023-10-26 19:31:25 +00:00
monsieuremre	f487752ba1	not limiting ourselves. we do not do this not just once.	2023-10-26 19:30:58 +00:00
monsieuremre	88cd5a905d	strip unnecessary	2023-10-26 19:25:24 +00:00
monsieuremre	d9f10c221a	new permission-lockdown	2023-10-26 18:17:50 +00:00
Patrick Schleizer	ed11c68ac6	move remount-secure to /usr/bin/remount-secure to make it easier to manually run	2023-10-22 06:51:52 -04:00
Patrick Schleizer	6f4bf57ff2	`remount-secure`: add support for `--force`; output	2023-10-22 06:48:56 -04:00
Patrick Schleizer	6dec5cb1d6	debugging	2023-10-22 06:32:19 -04:00
Patrick Schleizer	bc768aa196	output	2023-10-22 06:31:57 -04:00

1 2 3

148 Commits