Commit Graph

161 Commits

Author SHA1 Message Date
Lance Vick 71f9f5d22d
add Cure53 audit 2021-07-20 17:39:24 -07:00
Lance Vick 7a343c9530
Merge branch 'gkelly-apt-allow-downgrades' 2021-06-30 19:41:31 -07:00
Lance Vick 88a1dae682
Merge branch 'apt-allow-downgrades' of https://github.com/gkelly/airgap into gkelly-apt-allow-downgrades 2021-06-30 19:41:10 -07:00
Lance Vick c6cfd0aa8e
Merge branch 'gkelly-readme-fix' 2021-06-30 19:39:28 -07:00
Lance Vick f0e95c3112
Merge branch 'readme-fix' of https://github.com/gkelly/airgap into gkelly-readme-fix 2021-06-30 19:39:00 -07:00
Lance Vick d19338a4d2
Merge branch 'gkelly-dockerignore-build' 2021-06-30 19:38:13 -07:00
Garret Kelly d9228f1461
Create .dockerignore, symlinked from .gitignore
This saves transferring build/ and release/ to the Docker context. These
directories can be heavy. Remove the .* pattern from .gitignore to allow
for the creation of .dockerignore.
2021-06-20 18:39:14 -04:00
Garret Kelly a2e8ba6b86
README.md: Update project URL 2021-06-19 15:02:17 -04:00
Garret Kelly abe50444bc
apt-install: Allow downgrades to satisfy package pins
Resolves #1
2021-06-19 13:23:45 -04:00
Lance Vick 310189ca84
add MIT license 2021-02-25 12:24:46 -08:00
Lance Vick 38fd6aa305
1.0.0rc1 2020-12-16 10:49:18 -08:00
Lance Vick e3b3e075e8
nuke dead test releases 2020-12-16 02:09:32 -08:00
Lance Vick 7032870363
re-embed git date for useful embed time 2020-12-16 02:02:55 -08:00
Lance Vick 0b850c529c
disable non determinstic kernel module signing 2020-12-16 00:27:31 -08:00
Lance Vick 54a0669e77
disable compression to work out determinisim regression 2020-12-15 22:45:01 -08:00
Lance Vick b1b4753085
use xz for better/deterministic cpio compression 2020-12-15 17:00:55 -08:00
Lance Vick c065348e69
hardcode all timestamps to unix epoch for easier diff across builds 2020-12-15 16:43:54 -08:00
Lance Vick 4f7e10f490
add 1.0.0rc14 2020-12-14 15:30:35 -08:00
Lance Vick e9aa4eb72c
drop https for mirrors that don't support it 2020-12-14 14:08:40 -08:00
Lance Vick 00555c249f
bump packages 2020-12-14 13:04:49 -08:00
Lance Vick 1bae962c95
Merge branch 'master' of gitlab.com:pchq/airgap 2020-11-09 16:21:04 -08:00
Lance Vick 9b62315c36
compressed image, cleanup for upstreaming, automatic iso boot 2020-11-09 16:19:36 -08:00
Lance Vick ccb1d87d57
Bump heads, compress, and favor upstream usb-boot changes. 2020-10-30 16:19:49 -07:00
Lance Vick 75b594f47d
Limit module features. Enforce signed modules 2020-10-23 02:15:26 -07:00
Lance Vick 32785acbbf
remove remaining networking items in kernel 2020-10-23 02:02:03 -07:00
Lance Vick 07f29f50c9
remove more kernel drivers 2020-10-23 00:22:08 -07:00
Lance Vick f0d29dcaa1
remove networking support 2020-10-22 21:46:24 -07:00
Lance Vick 020fd780a7
1.0.0rc13 2020-10-22 05:26:40 -07:00
Lance Vick eba212e1e6
Merge branch 'airgap-fixes' 2020-10-22 05:17:06 -07:00
Lance Vick bfda0ea1e5
copy new rom names 2020-10-22 02:14:15 -07:00
Lance Vick c1297ffcc2
guard against ambiguious ref attacks in fetch 2020-10-21 22:59:29 -07:00
Lance Vick d408ead328
bump HEADS to latest upstream from purism 2020-10-21 22:59:10 -07:00
Lance Vick cdc7d346c4
Merge branch 'airgap-fixes' of gitlab.com:pchq/airgap into airgap-fixes 2020-10-21 15:15:51 -07:00
Lance Vick 5778705ef7
Merge branch 'master' into airgap-fixes 2020-10-21 15:15:13 -07:00
Lance Vick 92f2222849
working builds, working audit, drop unmaintained cpe-info 2020-10-21 14:38:25 -07:00
Lance Vick 7538907542
add 1.0.0rc12 2020-10-21 11:38:26 -07:00
Lance Vick 055e5038ba
Merge remote-tracking branch 'origin/master' into airgap-fixes 2020-10-20 17:05:56 -07:00
Lance Vick 434d641c46
Switch to bsdtar strategy for deterministic cpio 2020-10-20 01:02:39 -07:00
Lance Vick fa079ab953
drop git 2020-10-20 01:01:50 -07:00
Lance Vick f58df1bc42
rehash/resign rc11 2020-10-18 03:51:58 -07:00
Lance Vick 2ccea08480
1.0.0rc11 2020-10-17 17:20:24 -07:00
Lance Vick a9020ee29d
tested deterministic xorriso options 2020-10-17 17:12:59 -07:00
Lance Vick 28ba130cea
swap buggy/broken genisofs for maintained xorriso 2020-10-17 15:37:12 -07:00
Lance Vick d0e04eeb90
disable inode caching in genisoimage to work around miscounted hardlink bug 2020-10-16 23:49:48 -07:00
Lance Vick c8a07da24b
use https with apt wherever possible 2020-10-16 02:44:26 -07:00
Lance Vick 73d0e657fa
download and hash verify all packages before install 2020-10-16 01:37:56 -07:00
Lance Vick 249e93bcce
overhaul update-packages to be faster, and save sha256 hash manifest of downloaded debs 2020-10-15 17:08:15 -07:00
Lance Vick 1badff2241
safer/simpler uid/gid mapping w/ reduced build privs 2020-10-15 16:26:28 -07:00
Lance Vick 8a2ac4b000
reduce/update build apt packages 2020-10-15 16:24:35 -07:00
Lance Vick 3873dd5e07
ensure uid:gid in iso are always set to 0 2020-10-14 23:00:54 -07:00