harald/VerityBook
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
123 commits 2 branches 0 tags 220 KiB
Commit graph

49 commits

Author SHA1 Message Date
Harald Hoyer 8db2fb1ef7 No shim for fwup 2018-10-19 14:36:57 +02:00
Harald Hoyer 6df272edca prepare-root.sh: renamed custom scripts on installed image to fedorabook-* 
update -> fedorabook-update
clonedisk -> fedorabook-clonedisk
...
 2018-10-19 14:36:57 +02:00
Harald Hoyer 815c930eda use openssl for verification 
also rename --dbkey --dbcrt arguments
 2018-10-19 14:36:57 +02:00
Harald Hoyer 3813c38f72 mksquashfs: turn on compression 
4.1GB -> 1.8GB

xdelta still gives a reasonable small delta :)
 2018-10-19 10:47:16 +02:00
Harald Hoyer ca8e372fe5 move update-ca-trust 2018-10-18 15:35:42 +02:00
Harald Hoyer de617c550c add --noscripts and --statedir 2018-10-18 15:35:42 +02:00
Harald Hoyer 9ae10e7ad7 cleanup 
move quirks/nss.sh to prepare-root.sh

remove old non-working quirks

only mount selinux when needed

don't install new selinux rules
 2018-09-21 12:03:20 +02:00
Harald Hoyer 9d3bae766e Revert "prepare-root.sh: don't switch selinux enforcing mode" 
This reverts commit 522a302ef4.
 2018-09-20 14:04:55 +02:00
Harald Hoyer 522a302ef4 prepare-root.sh: don't switch selinux enforcing mode 2018-09-20 13:44:03 +02:00
Harald Hoyer a5f5c4385e SELINUX=1 enforcing 2018-09-20 13:29:56 +02:00
Harald Hoyer f05fdad33b selinux 2018-09-19 08:02:18 +02:00
Harald Hoyer bbbcf5e33d roothome selinux fix 2018-09-18 19:08:55 +02:00
Harald Hoyer de27ee1811 prepare-root.sh: add -s system_u to semanage fcontext 2018-09-18 19:05:44 +02:00
Harald Hoyer 6879289d17 prepare-root.sh: also patch /cfg/machine-id 2018-09-18 19:05:44 +02:00
Harald Hoyer 33722687f2 prepare-root.sh: do pre-pivot.sh after selinux policy load 2018-09-18 19:05:44 +02:00
Harald Hoyer c4b56ebaa7 prepare-root.sh: remove dbus-broker 2018-09-18 19:05:44 +02:00
Harald Hoyer 7d149c2c0a use /var/roothome as /root 2018-09-18 19:05:44 +02:00
Harald Hoyer 1f91f12774 prepare-root.sh: selinux permissive during build 2018-09-18 14:48:33 +02:00
Harald Hoyer 070545cf89 prepare-root.sh: fixup selinux 2018-09-18 13:51:07 +02:00
Harald Hoyer c8fae80001 prepare-root.sh: cluster systemd service manipulations 2018-09-18 13:50:31 +02:00
Harald Hoyer 40267aa521 prepare-root.sh: remove /efi from initramfs 2018-09-18 13:49:36 +02:00
Harald Hoyer bab477b0c9 prepare-root.sh: mount /sys/fs/selinux in /sysroot 2018-09-18 13:49:11 +02:00
Harald Hoyer b41aa7748c prepare-root.sh: remove dnf-makecache.timer 2018-09-18 12:26:44 +02:00
Harald Hoyer 0d5cfac2ac prepare-root.sh: add altfiles to selinux 2018-09-18 12:22:43 +02:00
Harald Hoyer 7b9117d5de prepare-root.sh: remove LVM services 2018-09-18 12:22:15 +02:00
Harald Hoyer ccaedc86b9 prepare-root.sh: remove hostname from factory 2018-09-18 12:20:32 +02:00
Harald Hoyer a6973aa806 prepare-root.sh: turn localtime to absolute symlink in factory 2018-09-18 12:20:02 +02:00
Harald Hoyer 93572c5b1f prepare-root.sh: don't reset ownership of /cfg and /var 2018-09-18 10:43:34 +02:00
Harald Hoyer 8dfaa0d4be move everything configurable to /cfg and try selinux 2018-09-17 17:32:13 +02:00
Harald Hoyer 8843cfd665 patch libc.so for localtime change 2018-09-14 11:37:54 +02:00
Harald Hoyer 92ed642dde put EFI tools in tarball 2018-09-13 15:02:05 +02:00
Harald Hoyer 8d930e2784 prepare-root.sh: add default NM /etc config 2018-09-13 15:01:38 +02:00
Harald Hoyer 23680b65ff prepare-root.sh: fix /root symlink 2018-09-13 13:44:23 +02:00
Harald Hoyer ddbef9392b prepare-root.sh: don't move away vmlinuz 2018-09-13 13:43:18 +02:00
Harald Hoyer 61f55d1612 prepare-root.sh: cleanup dracut remains 2018-09-13 13:42:50 +02:00
Harald Hoyer 7a269d3c1f prepare-root.sh: ensure home dir exists 2018-09-12 17:09:34 +02:00
Harald Hoyer daa5bdd118 prepare-root.sh: set lockdown=1 on the kernel cmdline 2018-09-12 16:40:19 +02:00
Harald Hoyer 1dc7a0fae6 use single image for squashfs and dmverity 2018-09-11 16:49:44 +02:00
Harald Hoyer 0e17648dc5 update 2018-09-11 11:37:59 +02:00
Harald Hoyer c8a3101e7b tss before nss quirk 2018-09-10 17:11:47 +02:00
Harald Hoyer a320d42d51 fixed /data paths 2018-09-10 16:28:48 +02:00
Harald Hoyer d18cdafa5b update 2018-09-10 15:53:21 +02:00
Harald Hoyer 7d097f89e7 update 2018-09-10 14:19:20 +02:00
Harald Hoyer 2e63e25d7d update 2018-09-07 17:02:36 +02:00
Harald Hoyer 5d5ec9682e update 2018-09-06 15:57:20 +02:00
Harald Hoyer 6910172911 extend PCR7 after using it to unlock the LUKS 2018-09-05 16:50:45 +02:00
Harald Hoyer 2bd0b8d314 use /dev/mapper/data and a /etc/fstab on the real root 2018-09-05 15:15:53 +02:00
Harald Hoyer d32cd2fd1e fixed missing linuxx64.efi.stub 2018-09-05 13:55:47 +02:00
Harald Hoyer a80e32c538 initial commit 2018-09-05 11:49:57 +02:00