security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2024-12-23 01:03:35 +07:00

Author	SHA1	Message	Date
Patrick Schleizer	1123d23114	remount-secure: disable debugging to save space in initrd	2023-10-26 18:45:07 -04:00
monsieuremre	f0857fd560	Fix double mount issue for /var/log and /var/tmp Mounting var with bind and mounting a subdirectory causes /var/tmp and /var/log bind mounted twice each. can be checked with lsblk. When we bind mount var only after having mounted the subdirectories, everything is mounted only one.	2023-10-23 15:33:05 +00:00
Patrick Schleizer	d2e8a6dad3	debugging	2023-10-22 19:21:51 -04:00
Patrick Schleizer	e7aafd64d4	refactoring	2023-10-22 19:16:12 -04:00
Patrick Schleizer	d521662d04	comment	2023-10-22 16:49:36 -04:00
Patrick Schleizer	0e80acf38d	fix	2023-10-22 16:45:10 -04:00
Patrick Schleizer	5182d7502b	improve remount-secure	2023-10-22 16:08:21 -04:00
Patrick Schleizer	a88c0a3ad2	fix	2023-10-22 15:44:30 -04:00
Patrick Schleizer	a7629b98cf	fix	2023-10-22 15:40:49 -04:00
Patrick Schleizer	7112eac3be	output	2023-10-22 15:37:21 -04:00
Patrick Schleizer	f80b5fe376	fix	2023-10-22 15:36:16 -04:00
Patrick Schleizer	ce0babce21	comment	2023-10-22 15:35:03 -04:00
Patrick Schleizer	70cbe4daaa	fix	2023-10-22 15:33:11 -04:00
Patrick Schleizer	9b9e9ce1c0	fix	2023-10-22 15:27:01 -04:00
Patrick Schleizer	3731716a49	fix	2023-10-22 15:14:22 -04:00
Patrick Schleizer	eec87a0508	fix	2023-10-22 15:11:26 -04:00
Patrick Schleizer	f3286cf440	fix	2023-10-22 15:10:21 -04:00
Patrick Schleizer	eb90d38d8c	fix	2023-10-22 15:05:33 -04:00
Patrick Schleizer	7f03c2b137	fix	2023-10-22 14:45:45 -04:00
Patrick Schleizer	c85db586ca	improve	2023-10-22 14:44:58 -04:00
Patrick Schleizer	7c0ea4324a	fix	2023-10-22 14:39:52 -04:00
Patrick Schleizer	6198ae317c	fix	2023-10-22 14:29:02 -04:00
Patrick Schleizer	245fad0986	fix	2023-10-22 14:00:06 -04:00
Patrick Schleizer	619f1705e1	output	2023-10-22 13:58:55 -04:00
Patrick Schleizer	e689f38ad0	todo	2023-10-22 13:31:44 -04:00
Patrick Schleizer	6675a2e931	fix	2023-10-22 13:30:50 -04:00
Patrick Schleizer	84ca0ac8a0	improve remount-secure	2023-10-22 12:54:25 -04:00
Patrick Schleizer	e7d30955e8	debugging	2023-10-22 11:28:08 -04:00
Patrick Schleizer	8eb4607a0e	improve	2023-10-22 11:12:54 -04:00
Patrick Schleizer	f1da0ce746	fix	2023-10-22 11:11:10 -04:00
Patrick Schleizer	26826e8398	fix	2023-10-22 11:06:34 -04:00
Patrick Schleizer	233fa4625b	output	2023-10-22 10:49:53 -04:00
Patrick Schleizer	3ebe8cf4de	refactoring	2023-10-22 10:41:42 -04:00
Patrick Schleizer	24d2e26397	no longer reproducible	2023-10-22 10:40:19 -04:00
Patrick Schleizer	fcba70df2e	refactoring	2023-10-22 10:38:48 -04:00
Patrick Schleizer	a05bd3dd0e	/home last because most likely to fail	2023-10-22 10:37:02 -04:00
Patrick Schleizer	41077c94fb	improve remount-secure	2023-10-22 10:32:24 -04:00
Patrick Schleizer	ef69e512bd	refactoring	2023-10-22 10:25:57 -04:00
Patrick Schleizer	d5cb7ecec9	use findmnt	2023-10-22 10:22:21 -04:00
Patrick Schleizer	45ce0ff74d	debugging	2023-10-22 10:16:43 -04:00
Patrick Schleizer	292a5c3a8a	fix	2023-10-22 10:11:31 -04:00
Patrick Schleizer	181a642479	root check	2023-10-22 10:01:38 -04:00
Patrick Schleizer	84fd41931c	/var/run -> /run	2023-10-22 09:44:17 -04:00
Patrick Schleizer	c409e3221e	implement remount-secure	2023-10-22 09:36:03 -04:00
Patrick Schleizer	167683ce76	code simplification	2023-10-22 08:50:57 -04:00
Patrick Schleizer	f0ee470ecd	comment	2023-10-22 07:51:05 -04:00
Patrick Schleizer	e257f2a380	remount-secure: no longer use /usr/libexec/helper-scripts/pre.bsh as not simple with dracut	2023-10-22 07:50:14 -04:00
Patrick Schleizer	ed11c68ac6	move remount-secure to /usr/bin/remount-secure to make it easier to manually run	2023-10-22 06:51:52 -04:00
Raja Grewal	7a4212dd76	Update copyright	2023-03-30 17:08:47 +11:00
Patrick Schleizer	6d7a782624	fix	2022-11-24 07:21:46 -05:00
Patrick Schleizer	39b35ef9ac	fix	2022-11-24 06:49:15 -05:00
Patrick Schleizer	d05c101721	debugging	2022-11-24 06:31:24 -05:00
Patrick Schleizer	36454c2dbf	debugging	2022-11-24 06:25:47 -05:00
Patrick Schleizer	e06b173a1b	debugging	2022-11-24 06:24:14 -05:00
Patrick Schleizer	497b5b4544	fix	2022-11-24 06:14:04 -05:00
Patrick Schleizer	e5255a630a	pam-info: support non-root environments (such as during graphical display manager login and xscreensaver)	2022-11-22 05:57:30 -05:00
Patrick Schleizer	eb8535fe87	renamed: usr/bin/disabled-by-security-misc -> bin/disabled-by-security-misc	2022-07-07 15:48:39 -04:00
Raja Grewal	780dc8eec9	replace /bin/false -> /bin/disabled-by-security-misc	2022-07-08 04:11:25 +10:00
Patrick Schleizer	2d37e3a1af	copyright	2022-05-20 14:46:38 -04:00
Patrick Schleizer	50bdd097df	move /usr/lib/security-misc to /usr/libexec/security-misc as per lintian FHS	2021-08-03 12:56:31 -04:00
Patrick Schleizer	a67007f4b7	copyright	2021-03-17 09:45:21 -04:00
Patrick Schleizer	2ceea8d1fe	update copyright year	2020-04-01 08:49:59 -04:00
Patrick Schleizer	649ec5dfa1	pkexec wrapper: fix gdebi / synaptic but at cost of checking for passwordless sudo /etc/suders /etc/sudoers.d exceptions. http://forums.whonix.org/t/cannot-use-pkexec/8129/53	2020-02-29 04:59:56 -05:00
Patrick Schleizer	80159545a5	fix xfce4-power-manager xfpm-power-backlight-helper pkexec lxsudo popup https://forums.whonix.org/t/xfce4-power-manager-xfpm-power-backlight-helper-pkexec-lxsudo-popup/8764 do show lxqt-sudo password prompt if there is a sudoers exceptoin improved pkexec wrapper logging	2020-01-15 02:42:10 -05:00
Patrick Schleizer	d90ca4b1ad	refactoring	2020-01-14 15:12:13 -05:00
Patrick Schleizer	082f04f2d4	add logging to pkexec wrapper	2020-01-14 15:04:58 -05:00
Patrick Schleizer	6dd6530fa5	remove hardening-enable please invent package security-paranoid instead https://forums.whonix.org/t/security-hardening-tool-usr-bin-hardening-enable-by-security-misc/8609	2019-12-20 05:32:26 -05:00
Patrick Schleizer	ac96708b24	improve usr/bin/hardening-enable	2019-12-08 04:01:11 -05:00
Patrick Schleizer	1dbca1ea2d	add usr/bin/hardening-enable	2019-12-08 02:27:09 -05:00
Patrick Schleizer	bce5274a15	quotes fix	2019-10-22 09:22:29 -04:00
Patrick Schleizer	e20b9e2133	better solution when using pkexec with --user: wrap sudo --user with lxqt-sudo	2019-10-22 09:08:18 -04:00
Patrick Schleizer	d4e02de43a	set SUDO_ASKPASS for pkexec wrapper when using sudo --askpass	2019-10-22 09:04:44 -04:00
Patrick Schleizer	1a65a91039	long rather than short option	2019-10-22 08:56:05 -04:00
Patrick Schleizer	b55913637b	silence output by mount/grep	2019-10-22 08:54:48 -04:00
Patrick Schleizer	a1154170c9	Call original pkexec in case there are no arguments.	2019-10-22 08:54:17 -04:00
Patrick Schleizer	40707e70db	Redirect calls for pkexec to lxqt-sudo because pkexec is incompatible with hidepid. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860040 https://forums.whonix.org/t/cannot-use-pkexec/8129 Thanks to AnonymousUser for the bug report!	2019-10-21 05:46:49 -04:00

1 2 3 4

176 Commits