Commit Graph

513 Commits

Author SHA1 Message Date
Morten Linderud 61f918052d create-keys: ensure we have access to /var/lib
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 16:16:07 +02:00
Morten Linderud 8c6cc100a2 setup: clean path and ensure we have RW on parent directory of the secureboot folder
Fixes: https://github.com/Foxboron/sbctl/issues/336

Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 15:58:50 +02:00
Morten Linderud 33247c9fd1 setup: ensure we check the dir before setting landlock
Fixes: https://github.com/Foxboron/sbctl/issues/335

Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 15:10:22 +02:00
Morten Linderud 80c451c8de setup: ensure we rename bundles db correctly and check that it exists
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 14:19:24 +02:00
Morten Linderud bfdefcfddc setup: create the directory before we set landlock rules
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 13:36:35 +02:00
Morten Linderud 12b3f72608 setup: ensure the new path is included in landlock
Fixes: https://github.com/Foxboron/sbctl/issues/333

Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 13:25:01 +02:00
Morten Linderud 37c0ce9c1f debug: include version information in the tarball
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 12:39:17 +02:00
Morten Linderud fff86bf4dd sbctl: implement a hidden version command
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 12:32:45 +02:00
Morten Linderud f1e8535986 Deprecation notice for bundles
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 12:03:29 +02:00
Morten Linderud 30c30b70ee Merge branch 'morten/tpm'
* morten/tpm:
  Implement support for TPM key files
  sbctl: ensure we are passing state to KeyHierarchy
2024-07-31 12:01:34 +02:00
Morten Linderud bdf2c637d5 Implement support for TPM key files
Support TPM TSS2 key files for signing secure boot things

Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 00:14:26 +02:00
Morten Linderud 73a077051b sbctl: ensure we are passing state to KeyHierarchy
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 00:11:22 +02:00
Morten Linderud a2a859f08d setup: disable landlock in test
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 00:09:30 +02:00
Morten Linderud 24b94b2602 setup: config is a null string. Let's not add it into landlock
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 00:08:36 +02:00
Morten Linderud 89dd1a2376 database: ensure we landlock files with O_TRUNC permissions
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-31 00:08:28 +02:00
Morten Linderud e8a1c11342 Merge branch 'morten/debug'
* morten/debug:
  Implement sbctl debug command
2024-07-30 21:07:53 +02:00
Morten Linderud e4905d48ed Implement sbctl debug command
It's to help us debug issues with sbctl and UEFI things.

Fixes: https://github.com/Foxboron/sbctl/issues/287

Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-30 20:59:41 +02:00
Morten Linderud 5c869e6f84 Merge branch 'morten/landlock'
* morten/landlock:
  keys: clarify error message
  README: fix the flag commands and update readme
  sbctl: setup debug logging
  rotate-keys: ensure we use the correct hierarchy
  sbctl: implement landlock sandboxing
2024-07-29 22:37:35 +02:00
Morten Linderud fbc6156d19 keys: clarify error message
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-29 22:37:12 +02:00
Morten Linderud dadbfcf0c4 README: fix the flag commands and update readme
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-29 22:36:58 +02:00
Morten Linderud b969902d44 sbctl: setup debug logging
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-29 22:17:13 +02:00
Morten Linderud a1d56bf6df rotate-keys: ensure we use the correct hierarchy
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-29 21:30:47 +02:00
Morten Linderud c9d25391a9 sbctl: implement landlock sandboxing
Signed-off-by: Morten Linderud <morten@linderud.pw>
2024-07-29 21:30:46 +02:00
Morten Linderud 1454913555 Merge branch 'morten/setup'
* morten/setup:
  ensure we always set output path to the file path
  sbctl: add check and unset immutable
  remove print
  sbctl.8: add config file and mention the new paths
  sbctl.8: mention the new --setup switch
  sbctl.8: fix some typesetting issues
  Implement sbctl setup
  enroll-key: separate runE from the invocation
  create-keys: separate RunE from the function invocation
  sbctl: read SetupMode from state.Efivarfs
  backend: ensure keyhierarchy reads from afero.Fs
2024-07-28 14:39:20 +02:00
Morten Linderud 2403f4f724 Merge remote-tracking branch 'origin/pull/328'
* origin/pull/328:
  contrib: support trailing commas in sbctl setup output
2024-07-28 14:21:05 +02:00