Commit Graph

5873 Commits

Author SHA1 Message Date
Bob Mottram 274097865f Create directories sooner 2016-12-03 11:43:01 +00:00
Bob Mottram 0f227587bb Ensure that prosody directory is available 2016-12-03 11:40:11 +00:00
Bob Mottram f28b2081d1 Double quotes 2016-12-03 11:26:56 +00:00
Bob Mottram 6611449670 No quotes 2016-12-03 11:21:33 +00:00
Bob Mottram 42de0ace18 Improve xmpp config 2016-12-03 11:18:19 +00:00
Bob Mottram a2ba737286 Replace ssh heading 2016-12-02 22:24:58 +00:00
Bob Mottram 16577e9692 Link to mobile advice 2016-12-02 22:22:49 +00:00
Bob Mottram 3376dbb813 Change email advice 2016-12-02 22:21:42 +00:00
Bob Mottram 8d8ba4a788 dovecot permissions 2016-12-02 18:48:04 +00:00
Bob Mottram 7c6b6ae788 Bump mailpile commit 2016-12-02 14:13:14 +00:00
Bob Mottram 46a4f19698 Dovecot permissions 2016-12-02 12:41:48 +00:00
Bob Mottram 2b6abcaa62 Add mailpile to the mail group 2016-12-02 10:51:11 +00:00
Bob Mottram df8886a222 During interactive install bypass the app selecting stage
This will ensure that apps all get separate passwords assigned
2016-12-01 13:51:11 +00:00
Bob Mottram a9756f6baf Also check for successful mysql installation 2016-12-01 11:31:26 +00:00
Bob Mottram b94090b85e Drop the database on install failure 2016-12-01 11:17:33 +00:00
Bob Mottram 3695d6a138 Bump size of tmp 2016-12-01 10:53:40 +00:00
Bob Mottram 1c392150aa Show passes and fails 2016-12-01 10:47:04 +00:00
Bob Mottram 1a1e8826a6 Add STIG tests to the security menu 2016-12-01 10:41:48 +00:00
Bob Mottram 3ae78c3765 Optionally show all stig test passes 2016-12-01 10:38:23 +00:00
Bob Mottram 8e6edc7780 More generic sysctl patterns 2016-11-30 23:43:48 +00:00
Bob Mottram ac67e36611 Catch more sysctl comment patterns 2016-11-30 23:39:32 +00:00
Bob Mottram 28f5fe42c4 Lockdown after upgrades 2016-11-30 21:22:40 +00:00
Bob Mottram 4ed6e4ff7f Schedule daily STIG tests 2016-11-30 21:00:17 +00:00
Bob Mottram cf74c113cb Null passwords not permitted 2016-11-30 20:40:32 +00:00
Bob Mottram b0ed59de5f Remove messages when running STIG 2016-11-30 20:21:58 +00:00
Bob Mottram 0e47f66928 Test STIG separately and with no output if all tests pass 2016-11-30 20:20:13 +00:00
Bob Mottram 42d5bc9321 Move tmp to a ramdisk 2016-11-30 20:10:51 +00:00
Bob Mottram 8f11ab2102 Don't check bluetooth
In most cases it doesn't exist and if it does it gets turned off in the config
2016-11-30 19:36:01 +00:00
Bob Mottram fa9c3b6f22 Prefer bettercrypto cyphers 2016-11-30 19:16:27 +00:00
Bob Mottram 28e8155750 Modules aren't installed anyway 2016-11-30 18:27:07 +00:00
Bob Mottram b872f429c6 Invert logic 2016-11-30 18:08:58 +00:00
Bob Mottram 496f3cd4f2 Not needed, handled by unattended upgrades 2016-11-30 18:02:50 +00:00
Bob Mottram 3f0d9b7b82 Disable null passwords 2016-11-30 17:54:45 +00:00
Bob Mottram 05a6efe365 This only applies in a typical server scenario where there are lots of users on one machine 2016-11-30 17:48:31 +00:00
Bob Mottram 22a7378852 Exceptions 2016-11-30 17:44:43 +00:00
Bob Mottram e6d4f1af0c Logging is already minimised by default 2016-11-30 17:37:53 +00:00
Bob Mottram b88a3e867b Disable tipc 2016-11-30 17:24:05 +00:00
Bob Mottram 6b4dba4771 Disable rds 2016-11-30 17:21:22 +00:00
Bob Mottram 21a3edf51a Disable sctp 2016-11-30 17:18:22 +00:00
Bob Mottram c9f6fbd54f Disable dccp 2016-11-30 17:15:43 +00:00
Bob Mottram 82a57bc41c Don't accept redirects 2016-11-30 17:04:56 +00:00
Bob Mottram b9ad7e57a3 ipv6 can be used 2016-11-30 16:26:05 +00:00
Bob Mottram b399c50c26 More ip rules 2016-11-30 16:18:40 +00:00
Bob Mottram d4c07b2cc8 Improve check for ctrl-alt-del 2016-11-30 16:04:05 +00:00
Bob Mottram b106d14890 Single quotes 2016-11-30 15:46:04 +00:00
Bob Mottram 23f67f2426 Checking for ctrl-alt-del link 2016-11-30 15:43:31 +00:00
Bob Mottram 2fd24df9a1 Zero on success 2016-11-30 14:43:36 +00:00
Bob Mottram 73316797e3 Change rule to exclude nonexistent directory 2016-11-30 14:38:28 +00:00
Bob Mottram 8dfaa5d981 irc user directory 2016-11-30 14:25:27 +00:00
Bob Mottram 01c8ac8b60 Passwords are usually random so this doesn't apply 2016-11-30 14:00:44 +00:00