Commit Graph

52 Commits

Author SHA1 Message Date
Lance Vick 75b594f47d
Limit module features. Enforce signed modules 2020-10-23 02:15:26 -07:00
Lance Vick 32785acbbf
remove remaining networking items in kernel 2020-10-23 02:02:03 -07:00
Lance Vick 07f29f50c9
remove more kernel drivers 2020-10-23 00:22:08 -07:00
Lance Vick f0d29dcaa1
remove networking support 2020-10-22 21:46:24 -07:00
Lance Vick d408ead328
bump HEADS to latest upstream from purism 2020-10-21 22:59:10 -07:00
Lance Vick 92f2222849
working builds, working audit, drop unmaintained cpe-info 2020-10-21 14:38:25 -07:00
Lance Vick 055e5038ba
Merge remote-tracking branch 'origin/master' into airgap-fixes 2020-10-20 17:05:56 -07:00
Lance Vick 434d641c46
Switch to bsdtar strategy for deterministic cpio 2020-10-20 01:02:39 -07:00
Lance Vick fa079ab953
drop git 2020-10-20 01:01:50 -07:00
Lance Vick a9020ee29d
tested deterministic xorriso options 2020-10-17 17:12:59 -07:00
Lance Vick 28ba130cea
swap buggy/broken genisofs for maintained xorriso 2020-10-17 15:37:12 -07:00
Lance Vick d0e04eeb90
disable inode caching in genisoimage to work around miscounted hardlink bug 2020-10-16 23:49:48 -07:00
Lance Vick c8a07da24b
use https with apt wherever possible 2020-10-16 02:44:26 -07:00
Lance Vick 73d0e657fa
download and hash verify all packages before install 2020-10-16 01:37:56 -07:00
Lance Vick 249e93bcce
overhaul update-packages to be faster, and save sha256 hash manifest of downloaded debs 2020-10-15 17:08:15 -07:00
Lance Vick 1badff2241
safer/simpler uid/gid mapping w/ reduced build privs 2020-10-15 16:26:28 -07:00
Lance Vick 8a2ac4b000
reduce/update build apt packages 2020-10-15 16:24:35 -07:00
Lance Vick 3873dd5e07
ensure uid:gid in iso are always set to 0 2020-10-14 23:00:54 -07:00
Lance Vick 9894b08bcb
sort order of files packed into initramfs 2020-10-13 23:07:41 -07:00
Lance Vick 13535c14bd
revert docker buildkit which seems to be buggy in docker < 19 2020-10-10 00:56:44 -07:00
Lance Vick 2fdac9efed
cleaned up, updated, and more reliable package updates 2020-10-07 18:24:58 -07:00
Lance Vick ba8673c4f2
working measured boot from sd card without an internal disk present 2020-09-09 18:20:15 -07:00
Lance Vick 244caf5b6d
allow checking out expired apt packages 2020-08-12 22:26:22 -07:00
Lance Vick 58ff50f779
cleanup console output 2020-08-12 22:26:07 -07:00
Lance Vick 4e66c50835
Name change and boot-from-usb on Heads 2020-08-12 22:25:41 -07:00
Lance Vick d4b60d191d
working autorun stack 2020-08-11 20:23:25 -07:00
Lance Vick 1ad50ac4c8
add build container cve reporting 2020-07-24 17:51:05 -07:00
Lance Vick bd5d947f1e
use main mirrors for pinned packages, then try snapshots 2020-07-24 13:19:34 -07:00
Lance Vick 1642587af3
bump packages/sources and increase timeout 2020-07-24 11:09:29 -07:00
Matt Weber 875c5c891f
patch: add cpe-info make target for buildroot 2020-07-24 03:07:08 -07:00
Lance Vick f806367aa6
tested knon working snapshot date 2020-07-23 04:07:35 -07:00
Lance Vick 22c9edfa67
lock debian sources to snapshots with auto retry 2020-07-23 01:33:05 -07:00
Lance Vick ad107baf01
update package list 2020-07-22 02:45:25 -07:00
Lance Vick d35950c72f
Import firmware signing keychain from coreboot at boot 2020-07-20 19:59:18 -07:00
Lance Vick c328c928ea
librem15v4 support + generic x86_64 for iso 2020-07-17 17:38:06 -07:00
Lance Vick 109ee0a86b
Only I can manage to typo ascii art and not notice all day 2020-07-16 22:48:27 -07:00
Lance Vick cf88d7ba72
embed build details into build as splash screen 2020-07-16 19:15:03 -07:00
Lance Vick bee4c289ca
implement keyboard layout selector in bootloader 2020-07-16 04:26:24 -07:00
Lance Vick 0a79141750
working usb, yubikeys, and some kernel hardening 2020-07-14 18:35:16 -07:00
Lance Vick 1888d6793e
Lock timestamps in iso metadata 2020-07-12 02:45:12 -07:00
Lance Vick a0606ab246
Deterministic iso support (on supported filesystems) 2020-07-11 16:08:30 -07:00
Lance Vick 1f2e21c582
include python3 2020-07-08 14:29:28 -07:00
Lance Vick 3d5ddaa45f
cleanup, kernel 5.6, add git+bash 2020-07-08 13:54:10 -07:00
Lance Vick 30b3465989
working on librem13v4 hardware 2020-07-07 14:13:18 -07:00
Lance Vick d9cbf08931
add coreboot-heads build support 2020-06-29 15:55:34 -07:00
Lance Vick 2a81684f63
switch to musl, support post-build script 2020-06-16 20:24:03 -07:00
Lance Vick 05e58b8e77
first pass of kernel hardening 2020-06-16 20:23:08 -07:00
Lance Vick 28c7fcb342
automatic login 2020-06-16 20:22:45 -07:00
Lance Vick c0ff10663d
more rename fixes 2020-06-15 19:22:36 -07:00
Lance Vick ca28e74062
rename to airgap 2020-06-15 11:04:50 -07:00