|
|
a51674410c
|
fix
|
2023-11-11 17:29:37 -05:00 |
|
|
|
fd1f38b2eb
|
remount-secure systemd unit
https://github.com/Kicksecure/security-misc/pull/152
|
2023-11-06 16:22:42 -05:00 |
|
|
|
79f9c1fb3a
|
add sysinit-post.target
https://github.com/Kicksecure/security-misc/pull/152
|
2023-11-06 15:48:09 -05:00 |
|
|
|
e1f413c1ee
|
disable harden-module-loading.service for now
due to issues
https://github.com/Kicksecure/security-misc/issues/159
|
2023-11-05 20:53:26 -05:00 |
|
|
|
f2ea1abc9b
|
comment
|
2023-11-05 20:53:03 -05:00 |
|
|
|
95d1cfb4a0
|
Revert "remove no longer required remount-service systemd unit"
This reverts commit 479ab61a1d.
https://github.com/Kicksecure/security-misc/pull/152
|
2023-11-05 20:49:36 -05:00 |
|
|
|
4482f1841c
|
newline
|
2023-11-05 20:13:14 -05:00 |
|
|
|
c5167c8f0d
|
fix systemd unit
https://github.com/Kicksecure/security-misc/issues/159
|
2023-11-05 20:12:03 -05:00 |
|
|
|
2571bbf315
|
duplicate
|
2023-11-05 18:42:25 -05:00 |
|
|
|
aa17087883
|
update path
|
2023-11-05 18:42:08 -05:00 |
|
|
|
4ebab940c7
|
description too long, fixed
|
2023-11-05 17:56:35 -05:00 |
|
|
|
a187d23c41
|
big fix
|
2023-11-04 20:56:08 +00:00 |
|
|
|
3e604618a8
|
harden-module-loading.service
|
2023-11-02 10:24:35 +00:00 |
|
|
|
479ab61a1d
|
remove no longer required remount-service systemd unit
|
2023-10-22 12:55:20 -04:00 |
|
|
|
ed11c68ac6
|
move remount-secure to /usr/bin/remount-secure to make it easier to manually run
|
2023-10-22 06:51:52 -04:00 |
|
|
|
59a5fea25d
|
documentation
|
2023-10-22 05:41:56 -04:00 |
|
|
|
ac63b0eb3d
|
remove duplicate
|
2023-10-22 05:41:11 -04:00 |
|
|
|
7a4212dd76
|
Update copyright
|
2023-03-30 17:08:47 +11:00 |
|
|
|
7bda2ad3e8
|
move ram-wipe scripts to dedicated ram-wipe package
|
2023-01-24 06:34:17 -05:00 |
|
|
|
c9107bb044
|
debugging
|
2023-01-07 16:11:48 -05:00 |
|
|
|
b7bb24f984
|
description
|
2023-01-07 16:09:11 -05:00 |
|
|
|
7cf51a1b43
|
Checking job queue instead of dbus
|
2023-01-06 21:32:57 -05:00 |
|
|
|
014d10b977
|
Update cold-boot-attack-defense-kexec-prepare.service
|
2023-01-06 13:52:09 -05:00 |
|
|
|
f463750920
|
Update cold-boot-attack-defense-kexec-prepare.service
|
2023-01-06 13:48:22 -05:00 |
|
|
|
73913ea5af
|
Added checks
|
2023-01-06 12:49:34 -05:00 |
|
|
|
a7015f4ddf
|
added files
|
2023-01-06 10:50:34 -05:00 |
|
|
|
2d37e3a1af
|
copyright
|
2022-05-20 14:46:38 -04:00 |
|
|
|
7d73b3ffa0
|
add hardened malloc compatibility for haveged workaround
`/lib/systemd/system/haveged.service.d/30_security-misc.conf`
`SystemCallFilter=getrandom`
Otherwise haveged will exit with a core dump.
|
2021-08-17 15:21:26 -04:00 |
|
|
|
50bdd097df
|
move /usr/lib/security-misc to /usr/libexec/security-misc as per lintian FHS
|
2021-08-03 12:56:31 -04:00 |
|
|
|
5a65c35479
|
port LKRG compatibility settings automation for VirtualBox hosts from systemd to dpkg trigger
|
2021-08-01 13:11:18 -04:00 |
|
|
|
257cef24ba
|
add LKRG compatibility settings automation for VirtualBox hosts
https://github.com/openwall/lkrg/issues/82
|
2021-07-24 18:03:40 -04:00 |
|
|
|
41734ec523
|
systemd RemainAfterExit=yes
for better usability
https://forums.whonix.org/t/restrict-hardware-information-to-root-testers-wanted/8618/33
|
2021-04-03 11:44:13 -04:00 |
|
|
|
a67007f4b7
|
copyright
|
2021-03-17 09:45:21 -04:00 |
|
|
|
8851c9ed29
|
fix: disable proc-hidepid.service
|
2020-04-14 12:39:34 -04:00 |
|
|
|
72be31e870
|
disable proc-hidepid by default because incompatible with pkexec
and undo pkexec wrapper
|
2020-04-12 16:48:13 -04:00 |
|
|
|
2ceea8d1fe
|
update copyright year
|
2020-04-01 08:49:59 -04:00 |
|
|
|
a37da1c968
|
add digits to drop-in file names
|
2020-01-24 04:39:06 -05:00 |
|
|
|
9c0d6b6057
|
copyright
|
2019-12-29 05:09:07 -05:00 |
|
|
|
edc08988f2
|
copyright
|
2019-12-29 05:08:53 -05:00 |
|
|
|
9156d3584c
|
Description
|
2019-12-29 04:59:05 -05:00 |
|
|
|
3ea946b365
|
RemainAfterExit=yes
|
2019-12-29 04:56:51 -05:00 |
|
|
|
2787ae9765
|
copyright
|
2019-12-29 04:56:35 -05:00 |
|
|
|
6d56eb9ef0
|
minor
|
2019-12-29 04:56:18 -05:00 |
|
|
|
0e14706f32
|
copyright
|
2019-12-29 04:45:26 -05:00 |
|
|
|
617c0a0e15
|
disable remount-secure.service - Disable for now until development finished / tested.
|
2019-12-23 07:21:26 -05:00 |
|
|
|
7f20160477
|
comment
|
2019-12-20 05:24:00 -05:00 |
|
|
|
a135ae9400
|
use must manually enable permission-hardening.service
until development finished
|
2019-12-20 05:22:59 -05:00 |
|
|
|
d80bf036f3
|
Disable permission hardening now until development finished / tested.
|
2019-12-09 03:50:43 -05:00 |
|
|
|
d7e2deae92
|
Create permission-hardening.service
|
2019-12-08 16:50:54 +00:00 |
|
|
|
1227ccd1f7
|
After=qubes-sysinit.service
|
2019-12-08 04:37:53 -05:00 |
|
