free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,745 Commits 5 Branches 0 Tags 125 MiB
Commit Graph

3889 Commits

Author SHA1 Message Date
Bob Mottram 052b557053 Multi-user chat config 2016-12-03 19:13:35 +00:00
Bob Mottram 79bfa16557 prosody database 2016-12-03 18:45:39 +00:00
Bob Mottram c0009d1be9 If pem certs are not available 2016-12-03 18:40:48 +00:00
Bob Mottram 1d4959ccaa More ssl params 2016-12-03 18:35:30 +00:00
Bob Mottram 0d98b41182 Tidying 2016-12-03 18:23:30 +00:00
Bob Mottram dcb87eb63a Remove any local commands 2016-12-03 18:17:41 +00:00
Bob Mottram b309419a2d Remove directory 2016-12-03 18:00:14 +00:00
Bob Mottram 5c7ac4e375 Permissions 2016-12-03 17:57:00 +00:00
Bob Mottram 896806b6f2 modules not installed 2016-12-03 17:25:18 +00:00
Bob Mottram 18cc2fdb22 Indentation 2016-12-03 17:24:17 +00:00
Bob Mottram 1f6f1ea969 Don't try to install modules package 2016-12-03 17:20:59 +00:00
Bob Mottram a001b16d76 Try to register after restart 2016-12-03 17:18:19 +00:00
Bob Mottram e123a8a2f4 Different way of referencing prosody modules 2016-12-03 17:13:43 +00:00
Bob Mottram 32a481b057 More xmpp carbons 2016-12-03 13:11:07 +00:00
Bob Mottram 0f89aafbad Prosody permissions 2016-12-03 13:07:29 +00:00
Bob Mottram 1bb1019249 Include pubsub 2016-12-03 12:55:08 +00:00
Bob Mottram 3806f4e4e9 Ensure prosody permissions 2016-12-03 12:37:07 +00:00
Bob Mottram 274097865f Create directories sooner 2016-12-03 11:43:01 +00:00
Bob Mottram 0f227587bb Ensure that prosody directory is available 2016-12-03 11:40:11 +00:00
Bob Mottram f28b2081d1 Double quotes 2016-12-03 11:26:56 +00:00
Bob Mottram 6611449670 No quotes 2016-12-03 11:21:33 +00:00
Bob Mottram 42de0ace18 Improve xmpp config 2016-12-03 11:18:19 +00:00
Bob Mottram 8d8ba4a788 dovecot permissions 2016-12-02 18:48:04 +00:00
Bob Mottram 7c6b6ae788 Bump mailpile commit 2016-12-02 14:13:14 +00:00
Bob Mottram 46a4f19698 Dovecot permissions 2016-12-02 12:41:48 +00:00
Bob Mottram 2b6abcaa62 Add mailpile to the mail group 2016-12-02 10:51:11 +00:00
Bob Mottram df8886a222 During interactive install bypass the app selecting stage 
This will ensure that apps all get separate passwords assigned
 2016-12-01 13:51:11 +00:00
Bob Mottram a9756f6baf Also check for successful mysql installation 2016-12-01 11:31:26 +00:00
Bob Mottram b94090b85e Drop the database on install failure 2016-12-01 11:17:33 +00:00
Bob Mottram 3695d6a138 Bump size of tmp 2016-12-01 10:53:40 +00:00
Bob Mottram 1c392150aa Show passes and fails 2016-12-01 10:47:04 +00:00
Bob Mottram 1a1e8826a6 Add STIG tests to the security menu 2016-12-01 10:41:48 +00:00
Bob Mottram 3ae78c3765 Optionally show all stig test passes 2016-12-01 10:38:23 +00:00
Bob Mottram 8e6edc7780 More generic sysctl patterns 2016-11-30 23:43:48 +00:00
Bob Mottram ac67e36611 Catch more sysctl comment patterns 2016-11-30 23:39:32 +00:00
Bob Mottram 28f5fe42c4 Lockdown after upgrades 2016-11-30 21:22:40 +00:00
Bob Mottram 4ed6e4ff7f Schedule daily STIG tests 2016-11-30 21:00:17 +00:00
Bob Mottram cf74c113cb Null passwords not permitted 2016-11-30 20:40:32 +00:00
Bob Mottram b0ed59de5f Remove messages when running STIG 2016-11-30 20:21:58 +00:00
Bob Mottram 0e47f66928 Test STIG separately and with no output if all tests pass 2016-11-30 20:20:13 +00:00
Bob Mottram 42d5bc9321 Move tmp to a ramdisk 2016-11-30 20:10:51 +00:00
Bob Mottram 8f11ab2102 Don't check bluetooth 
In most cases it doesn't exist and if it does it gets turned off in the config
 2016-11-30 19:36:01 +00:00
Bob Mottram fa9c3b6f22 Prefer bettercrypto cyphers 2016-11-30 19:16:27 +00:00
Bob Mottram 28e8155750 Modules aren't installed anyway 2016-11-30 18:27:07 +00:00
Bob Mottram b872f429c6 Invert logic 2016-11-30 18:08:58 +00:00
Bob Mottram 496f3cd4f2 Not needed, handled by unattended upgrades 2016-11-30 18:02:50 +00:00
Bob Mottram 3f0d9b7b82 Disable null passwords 2016-11-30 17:54:45 +00:00
Bob Mottram 05a6efe365 This only applies in a typical server scenario where there are lots of users on one machine 2016-11-30 17:48:31 +00:00
Bob Mottram e6d4f1af0c Logging is already minimised by default 2016-11-30 17:37:53 +00:00
Bob Mottram b88a3e867b Disable tipc 2016-11-30 17:24:05 +00:00
Bob Mottram 6b4dba4771 Disable rds 2016-11-30 17:21:22 +00:00
Bob Mottram 21a3edf51a Disable sctp 2016-11-30 17:18:22 +00:00
Bob Mottram c9f6fbd54f Disable dccp 2016-11-30 17:15:43 +00:00
Bob Mottram 82a57bc41c Don't accept redirects 2016-11-30 17:04:56 +00:00
Bob Mottram b9ad7e57a3 ipv6 can be used 2016-11-30 16:26:05 +00:00
Bob Mottram b399c50c26 More ip rules 2016-11-30 16:18:40 +00:00
Bob Mottram 23f67f2426 Checking for ctrl-alt-del link 2016-11-30 15:43:31 +00:00
Bob Mottram 73316797e3 Change rule to exclude nonexistent directory 2016-11-30 14:38:28 +00:00
Bob Mottram 8dfaa5d981 irc user directory 2016-11-30 14:25:27 +00:00
Bob Mottram 01c8ac8b60 Passwords are usually random so this doesn't apply 2016-11-30 14:00:44 +00:00
Bob Mottram f45f281dd4 Set lychee permissions 2016-11-30 13:55:41 +00:00
Bob Mottram 6090d6c84c Permission on tox node keys 2016-11-30 13:51:03 +00:00
Bob Mottram 5c79c584fc Set sticky bits 2016-11-30 13:40:17 +00:00
Bob Mottram 3f58fc17d2 exim/procmail command permissions 2016-11-30 13:12:15 +00:00
Bob Mottram b97ec3892b Dummy nologin command 
To fix STIG error
 2016-11-30 10:30:56 +00:00
Bob Mottram 7e9f249e11 radicale user directory 2016-11-30 10:23:58 +00:00
Bob Mottram 466dec4d89 Change function name 2016-11-30 09:41:56 +00:00
Bob Mottram c4de2e86d2 Add and remove groups when for users 2016-11-30 09:40:10 +00:00
Bob Mottram e51e1a9ce2 Help option 2016-11-30 09:36:12 +00:00
Bob Mottram 396b202982 Disable core dumps 2016-11-29 23:19:31 +00:00
Bob Mottram a76a4d22f9 Disk encryption is optional 2016-11-29 23:13:36 +00:00
Bob Mottram a25037f226 Firewall drops forwards 2016-11-29 23:10:55 +00:00
Bob Mottram 4eced972fd Install screen to enable console locking 2016-11-29 22:39:29 +00:00
Bob Mottram 83ef278c13 Done via control panel 2016-11-29 22:13:03 +00:00
Bob Mottram 4a4fd7899f root mail 2016-11-29 22:12:02 +00:00
Bob Mottram f6fd2111e7 Ensure permissions on freedombone commands 2016-11-29 21:49:40 +00:00
Bob Mottram 9749cb43ce sudo permissions 2016-11-29 21:17:52 +00:00
Bob Mottram 11899c9904 Set command file permissions 2016-11-29 20:49:11 +00:00
Bob Mottram 8e9933725d Remove logins via serial console 2016-11-29 20:34:29 +00:00
Bob Mottram 7a66ad8571 Use tripwire 2016-11-29 20:17:00 +00:00
Bob Mottram 2fb341b487 In most cases the boot loader isn't grub 2016-11-29 19:34:24 +00:00
Bob Mottram 35d789f133 Limit the number of user logins 2016-11-29 19:30:36 +00:00
Bob Mottram c24e7a4d0c Reset user password tries from the control panel 2016-11-29 19:12:17 +00:00
Bob Mottram a686f2401c Limit number of login attempts 2016-11-29 18:10:27 +00:00
Bob Mottram b8b0637e13 Set maximum login attempts 2016-11-29 16:31:07 +00:00
Bob Mottram 5e7a01f193 Not applicable for random passwords 2016-11-29 15:36:46 +00:00
Bob Mottram f9d646cb31 Not applicable to random passwords 2016-11-29 15:34:51 +00:00
Bob Mottram de1eb3fe2c Passwords are randomly generated 2016-11-29 15:34:12 +00:00
Bob Mottram d6323eeaa8 Doesn't apply with this system 2016-11-29 15:32:56 +00:00
Bob Mottram f20c6aebf3 Ignore bogons 2016-11-29 15:31:50 +00:00
Bob Mottram e1a352919f No permissions on shadow most of the time 2016-11-29 15:00:40 +00:00
Bob Mottram 4b81fde030 Alter permissions when adding and removing users 2016-11-29 14:42:27 +00:00
Bob Mottram 0d568644e0 Set shadow permissions 2016-11-29 14:31:54 +00:00
Bob Mottram 63821d3c21 Disable deferred execution 2016-11-29 13:53:16 +00:00
Bob Mottram a3e4aaa57b Removing x11-common would remove some essential stuff, including emacs 2016-11-29 13:36:20 +00:00
Bob Mottram f5b3393a3b Set login umask 2016-11-29 13:31:36 +00:00
Bob Mottram 4add2899d7 Don't use postfix 2016-11-29 13:18:46 +00:00
Bob Mottram 4d0e030130 Disable nfs insecure locks 2016-11-29 13:16:53 +00:00
Bob Mottram e5b04a2d1f Don't lock inactive accounts 2016-11-29 13:07:47 +00:00
Bob Mottram cb87c06f90 Remove bluetooth 2016-11-29 13:01:00 +00:00