Bob Mottram
|
052b557053
|
Multi-user chat config
|
2016-12-03 19:13:35 +00:00 |
Bob Mottram
|
79bfa16557
|
prosody database
|
2016-12-03 18:45:39 +00:00 |
Bob Mottram
|
c0009d1be9
|
If pem certs are not available
|
2016-12-03 18:40:48 +00:00 |
Bob Mottram
|
1d4959ccaa
|
More ssl params
|
2016-12-03 18:35:30 +00:00 |
Bob Mottram
|
0d98b41182
|
Tidying
|
2016-12-03 18:23:30 +00:00 |
Bob Mottram
|
dcb87eb63a
|
Remove any local commands
|
2016-12-03 18:17:41 +00:00 |
Bob Mottram
|
b309419a2d
|
Remove directory
|
2016-12-03 18:00:14 +00:00 |
Bob Mottram
|
5c7ac4e375
|
Permissions
|
2016-12-03 17:57:00 +00:00 |
Bob Mottram
|
896806b6f2
|
modules not installed
|
2016-12-03 17:25:18 +00:00 |
Bob Mottram
|
18cc2fdb22
|
Indentation
|
2016-12-03 17:24:17 +00:00 |
Bob Mottram
|
1f6f1ea969
|
Don't try to install modules package
|
2016-12-03 17:20:59 +00:00 |
Bob Mottram
|
a001b16d76
|
Try to register after restart
|
2016-12-03 17:18:19 +00:00 |
Bob Mottram
|
e123a8a2f4
|
Different way of referencing prosody modules
|
2016-12-03 17:13:43 +00:00 |
Bob Mottram
|
32a481b057
|
More xmpp carbons
|
2016-12-03 13:11:07 +00:00 |
Bob Mottram
|
0f89aafbad
|
Prosody permissions
|
2016-12-03 13:07:29 +00:00 |
Bob Mottram
|
1bb1019249
|
Include pubsub
|
2016-12-03 12:55:08 +00:00 |
Bob Mottram
|
3806f4e4e9
|
Ensure prosody permissions
|
2016-12-03 12:37:07 +00:00 |
Bob Mottram
|
274097865f
|
Create directories sooner
|
2016-12-03 11:43:01 +00:00 |
Bob Mottram
|
0f227587bb
|
Ensure that prosody directory is available
|
2016-12-03 11:40:11 +00:00 |
Bob Mottram
|
f28b2081d1
|
Double quotes
|
2016-12-03 11:26:56 +00:00 |
Bob Mottram
|
6611449670
|
No quotes
|
2016-12-03 11:21:33 +00:00 |
Bob Mottram
|
42de0ace18
|
Improve xmpp config
|
2016-12-03 11:18:19 +00:00 |
Bob Mottram
|
8d8ba4a788
|
dovecot permissions
|
2016-12-02 18:48:04 +00:00 |
Bob Mottram
|
7c6b6ae788
|
Bump mailpile commit
|
2016-12-02 14:13:14 +00:00 |
Bob Mottram
|
46a4f19698
|
Dovecot permissions
|
2016-12-02 12:41:48 +00:00 |
Bob Mottram
|
2b6abcaa62
|
Add mailpile to the mail group
|
2016-12-02 10:51:11 +00:00 |
Bob Mottram
|
df8886a222
|
During interactive install bypass the app selecting stage
This will ensure that apps all get separate passwords assigned
|
2016-12-01 13:51:11 +00:00 |
Bob Mottram
|
a9756f6baf
|
Also check for successful mysql installation
|
2016-12-01 11:31:26 +00:00 |
Bob Mottram
|
b94090b85e
|
Drop the database on install failure
|
2016-12-01 11:17:33 +00:00 |
Bob Mottram
|
3695d6a138
|
Bump size of tmp
|
2016-12-01 10:53:40 +00:00 |
Bob Mottram
|
1c392150aa
|
Show passes and fails
|
2016-12-01 10:47:04 +00:00 |
Bob Mottram
|
1a1e8826a6
|
Add STIG tests to the security menu
|
2016-12-01 10:41:48 +00:00 |
Bob Mottram
|
3ae78c3765
|
Optionally show all stig test passes
|
2016-12-01 10:38:23 +00:00 |
Bob Mottram
|
8e6edc7780
|
More generic sysctl patterns
|
2016-11-30 23:43:48 +00:00 |
Bob Mottram
|
ac67e36611
|
Catch more sysctl comment patterns
|
2016-11-30 23:39:32 +00:00 |
Bob Mottram
|
28f5fe42c4
|
Lockdown after upgrades
|
2016-11-30 21:22:40 +00:00 |
Bob Mottram
|
4ed6e4ff7f
|
Schedule daily STIG tests
|
2016-11-30 21:00:17 +00:00 |
Bob Mottram
|
cf74c113cb
|
Null passwords not permitted
|
2016-11-30 20:40:32 +00:00 |
Bob Mottram
|
b0ed59de5f
|
Remove messages when running STIG
|
2016-11-30 20:21:58 +00:00 |
Bob Mottram
|
0e47f66928
|
Test STIG separately and with no output if all tests pass
|
2016-11-30 20:20:13 +00:00 |
Bob Mottram
|
42d5bc9321
|
Move tmp to a ramdisk
|
2016-11-30 20:10:51 +00:00 |
Bob Mottram
|
8f11ab2102
|
Don't check bluetooth
In most cases it doesn't exist and if it does it gets turned off in the config
|
2016-11-30 19:36:01 +00:00 |
Bob Mottram
|
fa9c3b6f22
|
Prefer bettercrypto cyphers
|
2016-11-30 19:16:27 +00:00 |
Bob Mottram
|
28e8155750
|
Modules aren't installed anyway
|
2016-11-30 18:27:07 +00:00 |
Bob Mottram
|
b872f429c6
|
Invert logic
|
2016-11-30 18:08:58 +00:00 |
Bob Mottram
|
496f3cd4f2
|
Not needed, handled by unattended upgrades
|
2016-11-30 18:02:50 +00:00 |
Bob Mottram
|
3f0d9b7b82
|
Disable null passwords
|
2016-11-30 17:54:45 +00:00 |
Bob Mottram
|
05a6efe365
|
This only applies in a typical server scenario where there are lots of users on one machine
|
2016-11-30 17:48:31 +00:00 |
Bob Mottram
|
e6d4f1af0c
|
Logging is already minimised by default
|
2016-11-30 17:37:53 +00:00 |
Bob Mottram
|
b88a3e867b
|
Disable tipc
|
2016-11-30 17:24:05 +00:00 |
Bob Mottram
|
6b4dba4771
|
Disable rds
|
2016-11-30 17:21:22 +00:00 |
Bob Mottram
|
21a3edf51a
|
Disable sctp
|
2016-11-30 17:18:22 +00:00 |
Bob Mottram
|
c9f6fbd54f
|
Disable dccp
|
2016-11-30 17:15:43 +00:00 |
Bob Mottram
|
82a57bc41c
|
Don't accept redirects
|
2016-11-30 17:04:56 +00:00 |
Bob Mottram
|
b9ad7e57a3
|
ipv6 can be used
|
2016-11-30 16:26:05 +00:00 |
Bob Mottram
|
b399c50c26
|
More ip rules
|
2016-11-30 16:18:40 +00:00 |
Bob Mottram
|
23f67f2426
|
Checking for ctrl-alt-del link
|
2016-11-30 15:43:31 +00:00 |
Bob Mottram
|
73316797e3
|
Change rule to exclude nonexistent directory
|
2016-11-30 14:38:28 +00:00 |
Bob Mottram
|
8dfaa5d981
|
irc user directory
|
2016-11-30 14:25:27 +00:00 |
Bob Mottram
|
01c8ac8b60
|
Passwords are usually random so this doesn't apply
|
2016-11-30 14:00:44 +00:00 |
Bob Mottram
|
f45f281dd4
|
Set lychee permissions
|
2016-11-30 13:55:41 +00:00 |
Bob Mottram
|
6090d6c84c
|
Permission on tox node keys
|
2016-11-30 13:51:03 +00:00 |
Bob Mottram
|
5c79c584fc
|
Set sticky bits
|
2016-11-30 13:40:17 +00:00 |
Bob Mottram
|
3f58fc17d2
|
exim/procmail command permissions
|
2016-11-30 13:12:15 +00:00 |
Bob Mottram
|
b97ec3892b
|
Dummy nologin command
To fix STIG error
|
2016-11-30 10:30:56 +00:00 |
Bob Mottram
|
7e9f249e11
|
radicale user directory
|
2016-11-30 10:23:58 +00:00 |
Bob Mottram
|
466dec4d89
|
Change function name
|
2016-11-30 09:41:56 +00:00 |
Bob Mottram
|
c4de2e86d2
|
Add and remove groups when for users
|
2016-11-30 09:40:10 +00:00 |
Bob Mottram
|
e51e1a9ce2
|
Help option
|
2016-11-30 09:36:12 +00:00 |
Bob Mottram
|
396b202982
|
Disable core dumps
|
2016-11-29 23:19:31 +00:00 |
Bob Mottram
|
a76a4d22f9
|
Disk encryption is optional
|
2016-11-29 23:13:36 +00:00 |
Bob Mottram
|
a25037f226
|
Firewall drops forwards
|
2016-11-29 23:10:55 +00:00 |
Bob Mottram
|
4eced972fd
|
Install screen to enable console locking
|
2016-11-29 22:39:29 +00:00 |
Bob Mottram
|
83ef278c13
|
Done via control panel
|
2016-11-29 22:13:03 +00:00 |
Bob Mottram
|
4a4fd7899f
|
root mail
|
2016-11-29 22:12:02 +00:00 |
Bob Mottram
|
f6fd2111e7
|
Ensure permissions on freedombone commands
|
2016-11-29 21:49:40 +00:00 |
Bob Mottram
|
9749cb43ce
|
sudo permissions
|
2016-11-29 21:17:52 +00:00 |
Bob Mottram
|
11899c9904
|
Set command file permissions
|
2016-11-29 20:49:11 +00:00 |
Bob Mottram
|
8e9933725d
|
Remove logins via serial console
|
2016-11-29 20:34:29 +00:00 |
Bob Mottram
|
7a66ad8571
|
Use tripwire
|
2016-11-29 20:17:00 +00:00 |
Bob Mottram
|
2fb341b487
|
In most cases the boot loader isn't grub
|
2016-11-29 19:34:24 +00:00 |
Bob Mottram
|
35d789f133
|
Limit the number of user logins
|
2016-11-29 19:30:36 +00:00 |
Bob Mottram
|
c24e7a4d0c
|
Reset user password tries from the control panel
|
2016-11-29 19:12:17 +00:00 |
Bob Mottram
|
a686f2401c
|
Limit number of login attempts
|
2016-11-29 18:10:27 +00:00 |
Bob Mottram
|
b8b0637e13
|
Set maximum login attempts
|
2016-11-29 16:31:07 +00:00 |
Bob Mottram
|
5e7a01f193
|
Not applicable for random passwords
|
2016-11-29 15:36:46 +00:00 |
Bob Mottram
|
f9d646cb31
|
Not applicable to random passwords
|
2016-11-29 15:34:51 +00:00 |
Bob Mottram
|
de1eb3fe2c
|
Passwords are randomly generated
|
2016-11-29 15:34:12 +00:00 |
Bob Mottram
|
d6323eeaa8
|
Doesn't apply with this system
|
2016-11-29 15:32:56 +00:00 |
Bob Mottram
|
f20c6aebf3
|
Ignore bogons
|
2016-11-29 15:31:50 +00:00 |
Bob Mottram
|
e1a352919f
|
No permissions on shadow most of the time
|
2016-11-29 15:00:40 +00:00 |
Bob Mottram
|
4b81fde030
|
Alter permissions when adding and removing users
|
2016-11-29 14:42:27 +00:00 |
Bob Mottram
|
0d568644e0
|
Set shadow permissions
|
2016-11-29 14:31:54 +00:00 |
Bob Mottram
|
63821d3c21
|
Disable deferred execution
|
2016-11-29 13:53:16 +00:00 |
Bob Mottram
|
a3e4aaa57b
|
Removing x11-common would remove some essential stuff, including emacs
|
2016-11-29 13:36:20 +00:00 |
Bob Mottram
|
f5b3393a3b
|
Set login umask
|
2016-11-29 13:31:36 +00:00 |
Bob Mottram
|
4add2899d7
|
Don't use postfix
|
2016-11-29 13:18:46 +00:00 |
Bob Mottram
|
4d0e030130
|
Disable nfs insecure locks
|
2016-11-29 13:16:53 +00:00 |
Bob Mottram
|
e5b04a2d1f
|
Don't lock inactive accounts
|
2016-11-29 13:07:47 +00:00 |
Bob Mottram
|
cb87c06f90
|
Remove bluetooth
|
2016-11-29 13:01:00 +00:00 |