Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-11-24 17:03:31 -05:00
Code Issues Projects Releases Packages Wiki Activity
security-misc/debian
History
Patrick Schleizer c192644ee3
security-misc /usr/share/pam-configs/permission-lockdown-security-misc is no longer required, removed. 
Thereby fix apparmor issue.

> Dec 08 09:47:50 host audit[3232]: AVC apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=3232 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
> Dec 08 09:47:50 host sudo[3232]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied

It is no longer required, because...

existing linux user accounts:

* Get permission lock down because security-misc `debian/security-misc.postinst` calls `/usr/lib/security-misc/permission-lockdown`.

new linux user accounts (created at first boot):

* security-misc `/usr/share/pam-configs/mkhomedir-security-misc` pam mkhomedir sets secure permissions using `umask=027`.
2019-12-08 05:21:35 -05:00
..
source port to debian buster 2019-04-04 05:51:06 -04:00
changelog bumped changelog version 2019-12-08 04:38:33 -05:00
compat port to debian buster 2019-04-04 05:51:06 -04:00
control security-misc /usr/share/pam-configs/permission-lockdown-security-misc is no longer required, removed. 2019-12-08 05:21:35 -05:00
copyright remove umask changes since these are causing issues are are not needed anymore 2019-08-24 12:14:22 -04:00
rules add usr/bin/hardening-enable 2019-12-08 02:27:09 -05:00
security-misc.displace Redirect calls for pkexec to lxqt-sudo because pkexec is incompatible with hidepid. 2019-10-21 05:46:49 -04:00
security-misc.displace-extension config-package-dev displace files for change umask 2019-07-01 13:35:45 +00:00
security-misc.gconf-defaults deactivate preview in Nautilus 2015-12-15 04:14:00 +00:00
security-misc.maintscript Revert "undo Disabling TCP SACK, DSACK, FACK" 2019-10-05 13:13:46 +00:00
security-misc.postinst comment 2019-12-08 02:01:22 -05:00
security-misc.postrm fix, make sure to undo pam changes on package removal 2019-11-27 10:22:31 -05:00
security-misc.preinst skip sudo_users_check in Qubes 2019-12-08 04:25:19 -05:00
security-misc.prerm copyright 2019-10-31 11:19:44 -04:00
security-misc.undisplace remove umask changes since these are causing issues are are not needed anymore 2019-08-24 12:14:22 -04:00
watch fix debian/watch lintian warning debian-watch-contains-dh_make-template 2019-06-08 00:05:35 -04:00