Commit Graph

7526 Commits

Author SHA1 Message Date
Bob Mottram 6c904ee967 We don't really need to backup mailpile 2017-08-09 23:30:36 +01:00
Bob Mottram 364b57a3d9 Turn off magic sysrq 2017-08-09 17:46:09 +01:00
Bob Mottram 850d5628a8 Don't panic! 2017-08-09 17:34:44 +01:00
Bob Mottram 46b37c96c1 Manual hash check after verify 2017-08-09 11:29:56 +01:00
Bob Mottram 659e49c477 Check a given hash against the tripwire database 2017-08-09 11:27:13 +01:00
Bob Mottram adef1bb88f Turn off ssl in dovecot when using mailpile 2017-08-08 21:18:52 +01:00
Bob Mottram acebf591bc Mailpile user permissions 2017-08-08 21:16:07 +01:00
Bob Mottram d93167fa60 Bump mailpile commit 2017-08-08 20:21:34 +01:00
Bob Mottram 2325be1f58 Nextcloud upgrade command 2017-08-08 19:24:47 +01:00
Bob Mottram 963d382d22 bump nextcloud commit 2017-08-08 18:59:28 +01:00
Bob Mottram f9f27765d1 More specific 2017-08-08 17:39:19 +01:00
Bob Mottram ff042c03b3 nextcloud advisory 2017-08-08 17:18:43 +01:00
Bob Mottram 4efb04dce5 Additional tripwire rules 2017-08-08 13:26:39 +01:00
Bob Mottram 32d89e951f Fix nextcloud leak of version information
This could be of obvious use to adversaries
2017-08-08 11:05:25 +01:00
Bob Mottram 70813b5a65 Setting prosody group 2017-08-07 21:40:19 +01:00
Bob Mottram 5096ba9cc1 Tidying 2017-08-07 21:29:31 +01:00
Bob Mottram 68bbd5e693 Updating gpg keys 2017-08-07 19:04:16 +01:00
Bob Mottram 99d88d8792 Don't update certs on upgrade 2017-08-07 18:45:39 +01:00
Bob Mottram d3b3bd1d9b Try without the pep dance 2017-08-07 18:15:36 +01:00
Bob Mottram c80feb6768 Only update logindefs when needed 2017-08-07 17:31:37 +01:00
Bob Mottram 51de0ff9b3 grep string 2017-08-07 15:17:41 +01:00
Bob Mottram ee6925eeb6 Test for predictable device names 2017-08-07 14:46:08 +01:00
Bob Mottram 90dc589eb9 Removing of bluetooth kernel module 2017-08-07 14:18:59 +01:00
Bob Mottram 8c5aaeddc0 fail2ban isn't useful when logging is turned off most of the time 2017-08-07 13:56:25 +01:00
Bob Mottram fb811406e9 Include utils in logging command
So that functions can be called by logging app routines
2017-08-07 13:42:05 +01:00
Bob Mottram a59a84a0a3 kanboard logging functions 2017-08-07 13:32:16 +01:00
Bob Mottram 22557c6359 Don't repeatedly try to install amd64 kernel 2017-08-07 13:16:47 +01:00
Bob Mottram 0ee00f775c Ownership of ghost binary 2017-08-07 10:51:21 +01:00
Bob Mottram 079c5acc78 Show non-root files in stig result 2017-08-07 10:48:38 +01:00
Bob Mottram b8a873f9d2 Show non-root files on stig test 2017-08-07 10:34:49 +01:00
Bob Mottram b654846c86 Fix typo 2017-08-06 21:21:51 +01:00
Bob Mottram db322c02d3 keyserver database gets cleaned up anyway via the daily sks script 2017-08-06 21:07:02 +01:00
Bob Mottram bb64427344 Reverse logic 2017-08-06 17:12:03 +01:00
Bob Mottram 66f784ed55 Only change xmpp config if needed 2017-08-06 14:34:48 +01:00
Bob Mottram 5950438ced Fix account required 2017-08-06 13:50:52 +01:00
Bob Mottram 267851bd89 Only alter fstab if needed 2017-08-06 12:50:31 +01:00
Bob Mottram 42754613df xmpp logging conditions 2017-08-05 23:30:38 +01:00
Bob Mottram c8de324376 Only change login umask when needed 2017-08-05 23:16:37 +01:00
Bob Mottram f7f323b763 Only change pam values when needed 2017-08-05 23:13:28 +01:00
Bob Mottram c1650ae415 Only update limits when needed 2017-08-05 23:07:31 +01:00
Bob Mottram 7e24becb9c Only disable ctrl-alt-del once 2017-08-05 23:00:46 +01:00
Bob Mottram 259e061dcf Turing rsyslog on or off 2017-08-05 22:23:52 +01:00
Bob Mottram bd86c4b19a Only remove motd instructions once 2017-08-05 22:15:32 +01:00
Bob Mottram c713c613c9 Don't repeatedly config congestion control 2017-08-05 22:11:02 +01:00
Bob Mottram bbcc17f2d1 Only copy files which have changed 2017-08-05 21:16:37 +01:00
Bob Mottram f703a95971 Only copy stig tests script if it changes 2017-08-05 20:41:21 +01:00
Bob Mottram 9cf9388131 Indicate permissions lockdown 2017-08-05 20:24:46 +01:00
Bob Mottram 50867e7770 Clear before lockdown 2017-08-05 20:22:45 +01:00
Bob Mottram 1b6782f12a Remove clears 2017-08-05 20:21:14 +01:00
Bob Mottram a15759e394 Lockdown before tripwire reset 2017-08-05 20:13:11 +01:00