aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFiles
* Consolidate sshd_configHEADmasterGuilhem Moulin2020-05-172
|
* Add READMEs.Guilhem Moulin2019-06-282
|
* fix bug in fripost_mdadm_create.Guilhem Moulin2017-05-301
|
* sshd_config: set UsePrivilegeSeparation sandbox.Guilhem Moulin2017-05-301
|
* virtualenv: don't let SPICE listen on a socket.Guilhem Moulin2017-05-301
|
* /proc/sys/kernel/random/poolsize is in bits not bytes.Guilhem Moulin2017-05-301
|
* udeb: only copy generated .udeb files to the iso image.Guilhem Moulin2017-05-292
|
* Automatically launch the install.Guilhem Moulin2017-05-291
|
* Update preseed.cfgGuilhem Moulin2017-05-291
|
* Bump iso version.Guilhem Moulin2017-05-291
|
* Bump iso version.Guilhem Moulin2016-01-011
|
* .gitignoreGuilhem Moulin2015-06-071
|
* Use better defaults for VMs.Guilhem Moulin2015-06-071
|
* Make the encrypted installation work with Jessie.Guilhem Moulin2015-06-073
|
* Remove the SELinux configuration option.Guilhem Moulin2015-06-073
| | | | Since the default policy is no longer available in Jessie.
* Prefer BTRFS over LVM2.Guilhem Moulin2015-06-072
|
* Unsure that existing swaps are unused.Guilhem Moulin2015-06-071
|
* Select the first available block device by default.Guilhem Moulin2015-06-072
|
* wibbleGuilhem Moulin2015-06-071
|
* Jessie fixups.Guilhem Moulin2015-06-074
|
* Upgrade the preseed script to make it work with Debian Jessie.Guilhem Moulin2015-06-074
|
* Upgrade preseeding to Debian 7.7.Guilhem Moulin2015-06-074
|
* Remove the 'gamin' package.Guilhem Moulin2015-06-071
|
* Support non-free firmwares. (Can be required :-()Guilhem Moulin2015-06-071
| | | | Also, always install contrib's intel-microcode on Intel CPUs.
* Bump debian_version to 7.5.0Guilhem Moulin2015-06-072
|
* wibbleGuilhem Moulin2015-06-073
|
* wibbleGuilhem Moulin2015-06-071
|
* Restrict SSH login to members of the 'ssh-login' group.Guilhem Moulin2015-06-073
| | | | | Don't use the group 'ssh', as it's automatically created by openssh-client's postinstall hook, and is used for ssh-agent's setgid.
* Force grub to be installed on devices other than /dev/sda if asked to.Guilhem Moulin2015-06-072
| | | | This is a dirty fix for #666974 (which is fixed in Jessie's installer).
* Dirty fix for bug #666974.Guilhem Moulin2015-06-071
|
* Bugfix for #666974.Guilhem Moulin2015-06-071
|
* Bump the installer to the last Debian point-release.Guilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-071
|
* Improve the description of preseeding options.Guilhem Moulin2015-06-073
|
* Show a progress bar when creating RAID arrays.Guilhem Moulin2015-06-073
|
* Enable generation of HDD images.Guilhem Moulin2015-06-073
| | | | | This is only useful for older BIOSes, that don't support hybrid ISO which can otherwise be burnt onto USB key as well.
* Preseed locales.Guilhem Moulin2015-06-071
| | | | | | See #684134, though: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134
* Enable RAID root system.Guilhem Moulin2015-06-072
| | | | | | | | | | | | | | | | | | | | | Quoting /usr/share/doc/cryptsetup/README.keyctl : The current state for dm-crypt in Linux is that it is single threaded, thus every dm-crypt mapping only uses a single core for crypto operations. To use the full power of your many-core processor it is thus necessary to split the dm-crypt device. For Linux software raid arrays the easiest segmentation is to just put the dm-crypt layer below the software raid layer. However, this seems no longer true since 2.6.38, cf. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714806 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c029772125594e31eb1a5ad9e0913724ed9891f2 http://kernelnewbies.org/Linux_2_6_38#head-49f5f735853f8cc7c4d89e5c266fe07316b49f4c Therefore encrypting the array (instead of assembling an array of encrypted disks) shouldn't cause a performance cost. Also, it makes the ramdisk much easier to configure :-)
* Ensure urandom entropy is of cryptographic quality.Guilhem Moulin2015-06-073
| | | | | | | | | | | | The non-blocking PRNG /dev/urandom doesn't block if it has been seeded enough, sadly (e.g., if the entropy pool is empty). Reading a few bytes from the *blocking* should ensure that "the kernel RNG has [...] reach full entropy at least once, which guarantees cryptographic quality of the rest of the /dev/urandom stream." -- Tor bug #10676 https://trac.torproject.org/projects/tor/ticket/10676 See also urandom(4).
* wibbleGuilhem Moulin2015-06-071
|
* Use dpkg-architecture(1).Guilhem Moulin2015-06-073
| | | | | | | | | | | | When compiling for x86_86 on a i386 machine or vice versa, the following warning appears: dpkg-architecture: warning: specified GNU system type x86_64-linux-gnu does not match gcc system type i486-linux-gnu, try setting a correct CC environment variable However this is harmless, even if the multilib approach is a bit hacky and does not replace a proper cross-compiler. Cf. bug #712000 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712000
* wibbleGuilhem Moulin2015-06-072
|
* Multiarch support.Guilhem Moulin2015-06-075
| | | | Run 'ARCH=amd64 make' to preseed an AMD64 ISO image, etc.
* Fix warning when building packages.Guilhem Moulin2015-06-074
| | | | (I.e., make lintian happy.)
* UEFI support.Guilhem Moulin2015-06-073
| | | | | Tested with the IntelĀ® Desktop Board DH87RL, BIOS [RLH8710H.86A] version 0323.
* bugfixGuilhem Moulin2015-06-073
|
* Update the debian version.Guilhem Moulin2015-06-071
| | | | To the latest point release, 7.3.0.
* wibbleGuilhem Moulin2015-06-074
|
* Reformulate the headers showing the license.Guilhem Moulin2015-06-075
| | | | | To be clearer, and to follow the recommendation of the FSF, we include a full header rather than a single sentence.
* Refactored 'virt' shell script.Guilhem Moulin2015-06-071
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-18 23:14:17 +0000