aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFiles
* Upgrade preseeding to Debian 7.7.Guilhem Moulin2015-06-071
|
* Remove the 'gamin' package.Guilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-071
|
* Restrict SSH login to members of the 'ssh-login' group.Guilhem Moulin2015-06-072
| | | | | Don't use the group 'ssh', as it's automatically created by openssh-client's postinstall hook, and is used for ssh-agent's setgid.
* wibbleGuilhem Moulin2015-06-071
|
* Improve the description of preseeding options.Guilhem Moulin2015-06-071
|
* Show a progress bar when creating RAID arrays.Guilhem Moulin2015-06-072
|
* Enable RAID root system.Guilhem Moulin2015-06-071
| | | | | | | | | | | | | | | | | | | | | Quoting /usr/share/doc/cryptsetup/README.keyctl : The current state for dm-crypt in Linux is that it is single threaded, thus every dm-crypt mapping only uses a single core for crypto operations. To use the full power of your many-core processor it is thus necessary to split the dm-crypt device. For Linux software raid arrays the easiest segmentation is to just put the dm-crypt layer below the software raid layer. However, this seems no longer true since 2.6.38, cf. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714806 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c029772125594e31eb1a5ad9e0913724ed9891f2 http://kernelnewbies.org/Linux_2_6_38#head-49f5f735853f8cc7c4d89e5c266fe07316b49f4c Therefore encrypting the array (instead of assembling an array of encrypted disks) shouldn't cause a performance cost. Also, it makes the ramdisk much easier to configure :-)
* Ensure urandom entropy is of cryptographic quality.Guilhem Moulin2015-06-073
| | | | | | | | | | | | The non-blocking PRNG /dev/urandom doesn't block if it has been seeded enough, sadly (e.g., if the entropy pool is empty). Reading a few bytes from the *blocking* should ensure that "the kernel RNG has [...] reach full entropy at least once, which guarantees cryptographic quality of the rest of the /dev/urandom stream." -- Tor bug #10676 https://trac.torproject.org/projects/tor/ticket/10676 See also urandom(4).
* wibbleGuilhem Moulin2015-06-071
|
* Use dpkg-architecture(1).Guilhem Moulin2015-06-072
| | | | | | | | | | | | When compiling for x86_86 on a i386 machine or vice versa, the following warning appears: dpkg-architecture: warning: specified GNU system type x86_64-linux-gnu does not match gcc system type i486-linux-gnu, try setting a correct CC environment variable However this is harmless, even if the multilib approach is a bit hacky and does not replace a proper cross-compiler. Cf. bug #712000 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712000
* Multiarch support.Guilhem Moulin2015-06-074
| | | | Run 'ARCH=amd64 make' to preseed an AMD64 ISO image, etc.
* Fix warning when building packages.Guilhem Moulin2015-06-074
| | | | (I.e., make lintian happy.)
* UEFI support.Guilhem Moulin2015-06-071
| | | | | Tested with the IntelĀ® Desktop Board DH87RL, BIOS [RLH8710H.86A] version 0323.
* bugfixGuilhem Moulin2015-06-071
|
* wibbleGuilhem Moulin2015-06-072
|
* Reformulate the headers showing the license.Guilhem Moulin2015-06-072
| | | | | To be clearer, and to follow the recommendation of the FSF, we include a full header rather than a single sentence.
* wibbleGuilhem Moulin2015-06-071
| | | | | Replaced [ -n "$string" ] with [ "$string" ], and [ -z "$string" ] with [ ! "$string" ].
* Fix shell traps.Guilhem Moulin2015-06-071
|
* Replace the 'syslog' facility (5) by 'user' (1).Guilhem Moulin2015-06-071
| | | | | 'syslog' is meant for the messages generated internally by syslogd, whereas 'user' is for user-level messages.
* wibbleGuilhem Moulin2015-06-071
|
* Reorganization.Guilhem Moulin2015-06-0722
Move preseed-related stuff in ./preseed/, and vm-related stuff in ./virtualenv/.