Compare commits
4 Commits
2025.01.03
...
main
Author | SHA1 | Date |
---|---|---|
Anton Livaja | 13bedb1e73 | |
Anton Livaja | 3b039317c9 | |
Anton Livaja | b78da5c22a | |
Sam Ebstein | f25615bc97 |
|
@ -14,6 +14,7 @@ FROM stagex/gpg:sx2024.09.0@sha256:f63555b39740db63b34c06894a4a9d5e125d04f5d51e7
|
|||
FROM stagex/grub:sx2024.09.0@sha256:a14c60f152c759185e5702e910053cb5c0d9eee11f43d8d5d40a84123aece9fd AS grub
|
||||
FROM stagex/ipxe:sx2024.09.0@sha256:5791d9b42c7e9099a0180c4fe6cc4b8e9afc9e6b9ec392099c65c53b71db7908 AS ipxe
|
||||
FROM stagex/jq:sx2024.09.0@sha256:3e8b44aa54481bdd46406e9d3a63862f4216f81530a1898b3c144e1c38847a82 AS jq
|
||||
FROM stagex/jq:sx2024.09.0@sha256:3e8b44aa54481bdd46406e9d3a63862f4216f81530a1898b3c144e1c38847a82 AS jq
|
||||
FROM stagex/keyfork:sx2024.09.0@sha256:2288c1d769a0c3c535835019ad4919cc45b094492b5aa959a0eaf1e883a96214 AS keyfork
|
||||
FROM stagex/libaio:sx2024.09.0@sha256:c8d6dd6f3e6fbda73ac0620b2bc4b4cfe6fa504bf7a17eee3bb56e286c394b8b AS libaio
|
||||
FROM stagex/libassuan:sx2024.09.0@sha256:1f31e888ab3f02634009d1a38acca9f25deb827432eb91392e21fd75128a44aa AS libassuan
|
||||
|
@ -65,7 +66,7 @@ COPY --from=mtools . /
|
|||
COPY --from=xz . /
|
||||
COPY --from=grub . /
|
||||
|
||||
FROM base AS dev
|
||||
FROM base as dev
|
||||
COPY --from=gcc . /
|
||||
COPY --from=glib . /
|
||||
COPY --from=alsa-lib . /
|
||||
|
|
12
Makefile
12
Makefile
|
@ -1,19 +1,17 @@
|
|||
VERSION := development
|
||||
GIT_REF := $(shell git log -1 --format=%H)
|
||||
GIT_AUTHOR := $(shell git log -1 --format=%an)
|
||||
GIT_PUBKEY := $(shell git log -1 --format=%GK)
|
||||
GIT_PUBKEY := $(shell git log -1 --format=%GP)
|
||||
GIT_TIMESTAMP := $(shell git log -1 --format=%cd --date=iso)
|
||||
export
|
||||
|
||||
## Use env vars from latest release when reproducing
|
||||
ifdef REPRODUCE
|
||||
include dist/release.env
|
||||
export
|
||||
include dist/release.env
|
||||
export
|
||||
endif
|
||||
|
||||
## Prevents use of caching when building docker image
|
||||
ifdef NOCACHE
|
||||
NO_CACHE := --no-cache
|
||||
NO_CACHE := --no-cache
|
||||
endif
|
||||
|
||||
.DEFAULT_GOAL :=
|
||||
|
@ -72,7 +70,7 @@ vm: out/dev-shell.digest out/airgap.iso out/sdcard.img
|
|||
-nographic; \
|
||||
"
|
||||
|
||||
## Release, Signing, Verification, and Reproduction Targets
|
||||
## Signing, Verification, and Release Targets
|
||||
|
||||
.PHONY: clean
|
||||
clean:
|
||||
|
|
45
README.md
45
README.md
|
@ -57,7 +57,7 @@ make release
|
|||
### Reproduce an existing release
|
||||
|
||||
```
|
||||
make reproduce
|
||||
make attest
|
||||
```
|
||||
|
||||
### Sign an existing release
|
||||
|
@ -128,3 +128,46 @@ make vm
|
|||
```
|
||||
make shell
|
||||
```
|
||||
|
||||
## Hardware Compatibility ##
|
||||
|
||||
### Tested Models
|
||||
|
||||
* Purism Librem 14
|
||||
|
||||
* HP 13" Intel Celeron - 4GB Memory - 64GB eMMC, HP 14-dq0052dx, SKU: 6499749, UPC: 196548430192, DCS: 6.768.5321, ~USD $179.99
|
||||
|
||||
* Lenovo 14" Flex 5i FHD Touchscreen 2-in-1 Laptop - Intel Core i3-1215U - 8GB Memory - Intel UHD Graphics, SKU: 6571565, ~USD $379.99
|
||||
|
||||
### Disabling Secure Boot
|
||||
|
||||
AirgapOS can't be booted using secure boot. Therefore it has to be disabled. Alternative systems like Heads may be used.
|
||||
|
||||
#### Instructions to Disable Secure Boot in BIOS
|
||||
|
||||
1. Restart your computer
|
||||
|
||||
2. **Enter BIOS/UEFI Setup**:
|
||||
- As your computer starts up, press the appropriate key to enter the BIOS/UEFI setup. Common keys include:
|
||||
- **F2** (Dell, Acer, Lenovo)
|
||||
- **Delete** (ASUS, MSI)
|
||||
- **F10** (HP)
|
||||
- **Esc** (Some systems)
|
||||
- You may see a prompt on the screen indicating which key to press
|
||||
|
||||
3. **Navigate to the Secure Boot Option**:
|
||||
- Once in the BIOS/UEFI setup, use the arrow keys to navigate through the menus. Look for a tab or section labeled **"Boot," "Security,"** or **"Authentication."**
|
||||
- The exact location of the Secure Boot option can vary, so you may need to explore a bit
|
||||
|
||||
4. **Locate Secure Boot**:
|
||||
- Find the **Secure Boot** option within the selected menu. It may be listed as **"Secure Boot Control"** or simply **"Secure Boot."**
|
||||
|
||||
5. **Disable Secure Boot**:
|
||||
- Select the Secure Boot option and change its setting to **Disabled**. This is usually done by pressing **Enter** and then selecting **Disabled** from the options.
|
||||
|
||||
6. **Save Changes and Exit**:
|
||||
- After disabling Secure Boot, navigate to the **Exit** tab or section.
|
||||
- Choose the option to **Save Changes and Exit**. Confirm any prompts that appear to save your changes.
|
||||
|
||||
7. **Reboot Your Computer**:
|
||||
- Your computer will restart. Secure Boot should now be disabled.
|
|
@ -0,0 +1,16 @@
|
|||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEZ1U/vaRrtxq9LgsLjkeh7DWhVR0FAma0fbsACgkQjkeh7DWh
|
||||
VR0lYBAAsjKcqgoSM73lck4gSga3CWtTfZ/k7azr98HnUw5InTyTwvna2sRGL3jb
|
||||
Q0pUhrPVQVmjXSyxD/hR/uLuiAfUn2Gyhp1MZS3C7jmFcRsxCJzNbByv/2bUS2+U
|
||||
5TaCoxmM8SdxTqcBIyYylKzZ4ub0t3bCWUt2uPqdSqslgEReeqbzzE3jpmiUfmHE
|
||||
daaZhZa3iPEr7vqq00jUGFuSEdxQCQkty0nZHzfGhHwbliiUGyH6/bb+u4v5eGYH
|
||||
VEyRq0CWFgw5sywpSf3UZjR0fkd0do9z6Li1ggN2GV63I4oT3L1LltcMXtgfMp+B
|
||||
SA3gz7/mJsMqM6H2ZWqUgJAZw/mZCGStftSnOTKdyEtpzagNNeePa5f4kM1ZuHF6
|
||||
ehSl1nbnCeCPfedS8+oUm3v8qWiFLXz4tmYvBnfDWaUXIYpNOrvJPtatdinTNRfl
|
||||
nglyEt6Olc+3vEqkrEl7JFu13Gl92mbuhhelKjM/VDheHBUZ6yrso1aLbyruO+wm
|
||||
RxL3pQSCNfAnIQpSdkXga5gVvbZDDISBast3qHFuZaZFbo2p24hw0HnLAfyCrxgF
|
||||
JnN3x2qqRlTzQSrVr4EEXUwUqpt5LlnQ3kDLNVYhXuqTdmyETj1YGnAXkqV/D+Z7
|
||||
B7hlDdddXI5d0yDoYPAmF9N7XJCasdfutnO/8IfZ/eE989jYybE=
|
||||
=eruT
|
||||
-----END PGP SIGNATURE-----
|
|
@ -0,0 +1,16 @@
|
|||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEEiII6deyqeGsP84sUjkAUeKP773IFAma0f0IACgkQjkAUeKP7
|
||||
73I33w//SaGbbM9z8SYsWhii1SBnfs6NVQSwdBoO20C4gFdmZkPVDak3QoCAioaC
|
||||
GjlEOEDb7SXfWi3n2z72P97dswN6dG1IxQKR1N913IWzUUEXGR0phaC+o0P1/f74
|
||||
MXrcUDLwwJwZsA/0zMV6gHvONEqwgmfEO4WrEB/Ty7ueoJjsmQ2oauWytlh8CVDR
|
||||
3HFwiVoAjRC2d0vKj0eL2n9pNQNEYKb+oJ/gq3sk2L8qPs1vThQguHADvqmi6V3w
|
||||
+4tZqviksPXb+sve3VTsKFDbd5AXvcRY4TbPawQ5W7Aa6iK9W/yA10+zXvcHoGrA
|
||||
6iMR94yI9eprBkqoeoxr2MHPk+8d9xXB16hY/h+OCPibkFFfPST9GDFcp0nk1JFH
|
||||
b0bbpanBsxwN3IxTAL0a7iD2nxftZHjgiZib1lhdhLg35o9iou1V0fRPwdjepS3o
|
||||
2TBvKhtNncUW/87ZhxhdkTI/iUvS0iem3KHUQXkM+ziOC5zGf+PYvMCuy2P0oSei
|
||||
731aVOgxKbpEZHY0pTkuqG7U4+RWZ+KJEnxETcZWoCeY9DW/u2Dx5hukeZJbvmUo
|
||||
111vBoziyocgKvKi5S3ctZaAwm2wNsE0TU/o5u9+Q5ST1wgsKJF+F0laCUQcDPwM
|
||||
UyM5VznH31pChrlzRiUcsm0lMvDkx+JfTSBPOgzABMAcQ3YuTSk=
|
||||
=e+q6
|
||||
-----END PGP SIGNATURE-----
|
|
@ -1,16 +0,0 @@
|
|||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEE4QZ4HgB6uRyYnbMyRKhs/x/fDoUFAmd788QACgkQRKhs/x/f
|
||||
DoX9UxAA0jJOkVvo/HU0G+n/ObcYK511VpLlFEzFJ0fRnQzWeSCUNaCxB9cSuapn
|
||||
Go/Vcje4FUMrCIxwhcxW1+V2HkhiewYhOGVYL7YHidma5jPdw2iKejnlaijnez+D
|
||||
b1Vg/Hma7cancwt7mPnC1+QNdUSAppL81BNH4cy+Z5kxNMix/zAtC23zg9GlqICl
|
||||
la8+J2i4VoDI4Y/u9Mar2G9scYrGVOEIGrTH9TzTy0amtT3iuL7slk7jNifz81F/
|
||||
oqyOvHtOD1L834u+Fj+ZNWMVRHHvvXDN1/f6rKZ/EdV3nHZnyqiTc3/EN/eezNEC
|
||||
RxF3rvradcyUQ3Bg975/tuECmc/C4IhHu2e1fGGsB4wb2s0zyb2YlulHwopOrzi0
|
||||
nPm0FSnQ4bGA+wnJxyp094/qflk3j2pkRNXNQJKgHzrQicnEz+BK0Vfgfp5Uon77
|
||||
vBOnxxmeB8PhwB4ZJZGOXDKNYeyc4bGuNcYa7GYJbssFKD2+d+ORI2V4truP0Ygg
|
||||
qOJS4s18uQitsu6AIxxpsbEf3bEVP4z6YuMf97IoEaHGqVl8k/+v+xcyi4zQiMFX
|
||||
SGXLFtE3MVOguLBp/N40BDFu0pHPWZ3o6QaPJqg6+zby6iLbb3/xMcAwXylA5FLf
|
||||
A5DJQ69qvRJdPgPA24UwP/9RpBRv7Rsydf7MDLJJN0b+nUG/pp0=
|
||||
=66iY
|
||||
-----END PGP SIGNATURE-----
|
|
@ -1,2 +1,2 @@
|
|||
297dd11232e27938b5a27e6c7692a702adef5d633bd82a93003de5016cebede6 airgap.iso
|
||||
f7774d13cc7e40705ef4bc2555b0c19443fb6f98e194041a7ee85aaabf6d18cb release.env
|
||||
fe92783ef775ccc5e32baefb26f951b7f37ed26ecbb4601a068e20b31bebadbb airgap.iso
|
||||
b714c963bd8b1f3a38295821f0a3521bc64f97c1023c49d22a2e7433385b1a09 release.env
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
VERSION=2025.01.06
|
||||
GIT_REF=b46d8e0b71e12cefed594e8d668f8c439fb43fc5
|
||||
GIT_AUTHOR=Anton Livaja
|
||||
GIT_PUBKEY=44A86CFF1FDF0E85
|
||||
GIT_TIMESTAMP=2025-01-06 09:44:44 -0500
|
||||
VERSION=2024.8.1
|
||||
GIT_REF=ea623cc147741b0a753ce4ea7aabe512df9a2ef9
|
||||
GIT_AUTHOR=Lance R. Vick
|
||||
GIT_PUBKEY=6B61ECD76088748C70590D55E90A401336C8AAA9
|
||||
GIT_TIMESTAMP=2024-08-08 00:34:41 -0700
|
||||
|
|
|
@ -23,7 +23,6 @@ null::sysinit:/bin/ln -sf /proc/self/fd/2 /dev/stderr
|
|||
# Put shells on the serial terminal and console
|
||||
console::respawn:-/bin/bash
|
||||
ttyS0::respawn:-/bin/bash
|
||||
::respawn:-/bin/bash
|
||||
|
||||
# Stuff to do for the 3-finger salute
|
||||
::ctrlaltdel:/sbin/reboot
|
||||
|
|
Loading…
Reference in New Issue