diff --git a/.archive/icon.lib b/.archive/icon.lib index 77a875c..a40a915 100644 --- a/.archive/icon.lib +++ b/.archive/icon.lib @@ -33,7 +33,7 @@ 🧾 πŸ“€ πŸ“‰ -⏱ +πŸ•‘ 🧠 πŸ“… πŸ’™ @@ -42,5 +42,6 @@ πŸ” πŸ“‹ 🎯 -ℹ️ +πŸ” +πŸ’‘ # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh \ No newline at end of file diff --git a/.gitea/ISSUE_TEMPLATE/ISSUE_TEMPLATE.yaml b/.gitea/ISSUE_TEMPLATE/ISSUE_TEMPLATE.yaml index 47e8b5d..39540f5 100644 --- a/.gitea/ISSUE_TEMPLATE/ISSUE_TEMPLATE.yaml +++ b/.gitea/ISSUE_TEMPLATE/ISSUE_TEMPLATE.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/ISSUE_TEMPLATE/PULL_REQUEST_TEMPLATE.yaml b/.gitea/ISSUE_TEMPLATE/PULL_REQUEST_TEMPLATE.yaml index 981bcb3..598d83c 100644 --- a/.gitea/ISSUE_TEMPLATE/PULL_REQUEST_TEMPLATE.yaml +++ b/.gitea/ISSUE_TEMPLATE/PULL_REQUEST_TEMPLATE.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/TODO/render-md-to-html.yaml b/.gitea/TODO/render-md-to-html.yaml index fba6e69..52eb366 100644 --- a/.gitea/TODO/render-md-to-html.yaml +++ b/.gitea/TODO/render-md-to-html.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/.gitea/trigger/t_generate_PRIVATE_iso_flavour_0.yaml b/.gitea/trigger/t_generate_PRIVATE_iso_flavour_0.yaml index 001d661..1f72e6e 100644 --- a/.gitea/trigger/t_generate_PRIVATE_iso_flavour_0.yaml +++ b/.gitea/trigger/t_generate_PRIVATE_iso_flavour_0.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml b/.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml index f9fa70b..513baac 100644 --- a/.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml +++ b/.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/trigger/t_generate_PUBLIC.yaml b/.gitea/trigger/t_generate_PUBLIC.yaml index 001d661..1f72e6e 100644 --- a/.gitea/trigger/t_generate_PUBLIC.yaml +++ b/.gitea/trigger/t_generate_PUBLIC.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/trigger/t_generate_dns.yaml b/.gitea/trigger/t_generate_dns.yaml index 28f5f21..7841ae1 100644 --- a/.gitea/trigger/t_generate_dns.yaml +++ b/.gitea/trigger/t_generate_dns.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/workflows/char_linter.yaml b/.gitea/workflows/char_linter.yaml new file mode 100644 index 0000000..e5b4041 --- /dev/null +++ b/.gitea/workflows/char_linter.yaml @@ -0,0 +1,206 @@ +# SPDX-Version: 3.0 +# SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; +# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git +# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; +# SPDX-FileType: SOURCE +# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 +# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. +# SPDX-PackageName: CISS.debian.live.builder +# SPDX-Security-Contact: security@coresecret.eu + +### Version Master V8.03.400.2025.06.05 + +# Gitea Workflow: Shell-Script Linting +# +# This workflow scans all '*.sh', '*.zsh', '*.chroot' and all files with Shebang (#!) for: +# 1. Windows CRLF line endings +# 2. unauthorized control characters (C0 control characters except \t, \n) +# 3. non-ASCII (ambiguous UTF) characters +# +# Findings are collected and at the end of the run with file, line number, +# and the respective character in the Runner output. + +name: πŸ›‘οΈ Shell Script Linting + +on: + push: + branches: + - master + pull_request: + branches: + - master + +jobs: + shell-script-linter: + name: πŸ›‘οΈ Shell Script Linting + runs-on: ubuntu-latest + + steps: + - name: βš™οΈ Preparing SSH Setup, SSH Deploy Key, Known Hosts, .config. + shell: bash + run: | + set -euo pipefail + rm -rf ~/.ssh && mkdir -m700 ~/.ssh + + ### Private Key + echo "${{ secrets.SSH_MSW_DEPLOY_CORESECRET_DEV }}" >| ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + + ### Scan git.coresecret.dev to fill ~/.ssh/known_hosts + ssh-keyscan -p 42842 git.coresecret.dev >| ~/.ssh/known_hosts + chmod 600 ~/.ssh/known_hosts + + ### Generate SSH Config for git.coresecret.dev Custom-Port + cat <| ~/.ssh/config + Host git.coresecret.dev + HostName git.coresecret.dev + Port 42842 + IdentityFile ~/.ssh/id_ed25519 + StrictHostKeyChecking yes + UserKnownHostsFile ~/.ssh/known_hosts + EOF + chmod 600 ~/.ssh/config + + ### https://github.com/actions/checkout/issues/1843 + - name: πŸ› οΈ Using manual clone via SSH to circumvent Gitea SHA-256 object issues. + shell: bash + env: + ### GITHUB_REF_NAME contains the branch name from the push event. + GITHUB_REF_NAME: ${{ github.ref_name }} + run: | + set -euo pipefail + git clone --branch "${GITHUB_REF_NAME}" ssh://git@git.coresecret.dev:42842/msw/PRIVATE_TESTING_CISS.debian.live.builder.git . + git fetch --unshallow || echo "Nothing to fetch - already full clone." + + - name: πŸ› οΈ Cleaning the workspace. + shell: bash + run: | + set -euo pipefail + git reset --hard + git clean -fd + + - name: βš™οΈ Importing the 'CI PGP DEPLOY ONLY' key. + shell: bash + run: | + set -euo pipefail + ### GPG-Home relative to the Runner Workspace to avoid changing global files. + export GNUPGHOME="$(pwd)/.gnupg" + mkdir -m 700 "${GNUPGHOME}" + echo "${{ secrets.PGP_MSW_DEPLOY_CORESECRET_DEV }}" >| ci-bot.sec.asc + gpg --batch --import ci-bot.sec.asc + ### Trust the key automatically + KEY_ID=$(gpg --list-keys --with-colons | awk -F: '/^pub:/ {print $5}') + echo "trust-model always" >| "${GNUPGHOME}/gpg.conf" + + - name: βš™οΈ Configuring Git for signed CI/DEPLOY commits. + shell: bash + run: | + set -euo pipefail + export GNUPGHOME="$(pwd)/.gnupg" + git config user.name "Marc S. Weidner BOT" + git config user.email "msw+bot@coresecret.dev" + git config commit.gpgsign true + git config gpg.program gpg + git config gpg.format openpgp + + - name: βš™οΈ Convert APT sources to HTTPS. + shell: bash + run: | + set -euo pipefail + sed -i 's|http://\(archive\.ubuntu\.com\|security\.ubuntu\.com\)|https://\1|g' /etc/apt/sources.list + sed -i 's|http://\(archive\.ubuntu\.com\|security\.ubuntu\.com\)|https://\1|g' /etc/apt/sources.list.d/*.list || true + + - name: πŸ› οΈ Install dependencies. + shell: bash + run: | + ### Install grep with Perl-regex support, falls noch nicht vorhanden + apt-get update + apt-get upgrade -y + apt-get install -y grep + + - name: πŸ” Lint shell scripts + shell: bash + run: | + # ------------------------------- + # STEP 1: Find target files. + # + # We capture: + # - All files '*.sh', '*.zsh', '*.chroot' + # - All files whose first line begins with β€œ#!” (shebang) + # ------------------------------- + mapfile -t files_to_check < <( + find . -type f \( \ + -iname '*.sh' -o \ + -iname '*.zsh' -o \ + -iname '*.chroot' -o \ + -exec grep -Iq '^#!' {} \; \ + \) -print + ) + + # ------------------------------- + # STEP 2: Regex definitions + # + # - CRLF_REGEX β†’ Carriage Return (\r) for Windows CRLF + # - CTRL_REGEX β†’ C0 control characters except Tab (\x09) and Newline (\x0A) + # Range: [\x00-\x08\x0B-\x0C\x0E-\x1F\x7F] + # - NON_ASCII_REGEX β†’ All bytes > 0x7F, except emoji characters in defined ranges + # + # Emoji ranges that we exclude: + # - \x{1F300}-\x{1F5FF} (Misc Symbols & Pictographs) + # - \x{1F600}-\x{1F64F} (Emoticons) + # - \x{1F680}-\x{1F6FF} (Transport & Map Symbols) + # - \x{1F900}-\x{1F9FF} (Supplemental Symbols & Pictographs) + # - \x{2600}-\x{26FF} (Miscellaneous Symbols) + # - \x{2700}-\x{27BF} (Dingbats) + # ------------------------------- + + CRLF_REGEX=$'\r' + CTRL_REGEX='[\x00-\x08\x0B-\x0C\x0E-\x1F\x7F]' + NON_ASCII_REGEX='(?![\x{1F300}-\x{1F5FF}\x{1F600}-\x{1F64F}\x{1F680}-\x{1F6FF}\x{1F900}-\x{1F9FF}\x{2600}-\x{26FF}\x{2700}-\x{27BF}])[^\x00-\x7F]' + + # ------------------------------- + # STEP 3: Accumulator for findings + # ------------------------------- + findings="" + + # ------------------------------- + # STEP 4: Perform all checks for each file + # ------------------------------- + for file in "${files_to_check[@]}"; do + # + # 4.1: CRLF detection + # grep -nP returns β€œlineno:” + # ------------------------------- + while IFS=: read -r lineno _rest; do + findings+="${file}: CRLF-found at line ${lineno}: "$'\n' + done < <(grep -nP "${CRLF_REGEX}" "${file}" || true) + + # + # 4.2: Unallowed control characters + # grep -nP -o returns β€œlineno:” + # ------------------------------- + while IFS=: read -r lineno char; do + findings+="${file}: control-char at line ${lineno}: ${char}"$'\n' + done < <(grep -nP -o "${CTRL_REGEX}" "${file}" || true) + + # + # 4.3: Non-ASCII characters with emoji exception + # grep -nP -o returns β€œlineno:” + # ------------------------------- + while IFS=: read -r lineno char; do + findings+="${file}: non-ascii at line ${lineno}: ${char}"$'\n' + done < <(grep -nP -o "${NON_ASCII_REGEX}" "${file}" || true) + done + + # ------------------------------- + # STEP 5: Output results + # ------------------------------- + if [[ -n "${findings}" ]]; then + echo -e "⚠️ Linting issues detected:\n" + echo -e "${findings}" + exit 1 + else + echo "βœ… No issues found in shell scripts." + fi +# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml diff --git a/.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml b/.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml index ec5e594..7398f5d 100644 --- a/.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml +++ b/.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -40,13 +40,14 @@ jobs: echo 'deb https://deb.debian.org/debian bookworm-backports main' \ >| /etc/apt/sources.list.d/bookworm-backports.list apt-get update + apt-get upgrade - name: πŸ› οΈ Installing Build Tools. shell: bash run: | apt-get update apt-get install -y \ - autoconf \ + autoconf \ automake \ build-essential \ cryptsetup \ @@ -58,6 +59,9 @@ jobs: git \ gnupg \ haveged \ + libbz2-dev \ + zlib1g-dev \ + liblzma-dev \ libtool \ live-build \ parted \ @@ -223,6 +227,8 @@ jobs: ### GPG-Home relative to the Runner Workspace to avoid changing global files. export GNUPGHOME="$(pwd)/.gnupg" mkdir -m 700 "${GNUPGHOME}" + echo "${{ secrets.PGP_PUBKEY_CENTURION_ROOT_2025_X448 }}" >| centurion-root.PUB.asc + gpg --batch --import centurion-root.PUB.asc echo "${{ secrets.PGP_MSW_DEPLOY_CORESECRET_DEV }}" >| ci-bot.sec.asc gpg --batch --import ci-bot.sec.asc ### Trust the key automatically @@ -328,7 +334,7 @@ jobs: AUTH="${SHARE_TOKEN}:${SHARE_PASS}" if curl --retry 2 "${NC_BASE}"/public.php/webdav/"${VAR_ISO_FILE_NAME}" \ - --upload-file "${VAR_ISO_FILE_PATH}" --user "${AUTH}"; then + --upload-file "${VAR_ISO_FILE_PATH}" --user "${AUTH}" > /dev/null 2>&1; then echo "βœ… New ISO successfully uploaded." else echo "❌ Uploading the new ISO failed." @@ -363,7 +369,7 @@ jobs: # SPDX-CreationInfo: 2025-06-01; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency - # SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; + # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml b/.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml index faf5c14..4a5fb7f 100644 --- a/.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml +++ b/.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -21,7 +21,7 @@ on: branches: - master paths: - - '.gitea/trigger/t_generate_PRIVATE_iso_flavour_1.yaml' + - '.gitea/trigger/.t_generate_PRIVATE_iso_flavour_1.yaml' jobs: generate-private-ciss-debian-live-iso: @@ -40,6 +40,7 @@ jobs: echo 'deb https://deb.debian.org/debian bookworm-backports main' \ >| /etc/apt/sources.list.d/bookworm-backports.list apt-get update + apt-get upgrade - name: πŸ› οΈ Installing Build Tools. shell: bash @@ -58,6 +59,9 @@ jobs: git \ gnupg \ haveged \ + libbz2-dev \ + zlib1g-dev \ + liblzma-dev \ libtool \ live-build \ parted \ @@ -223,6 +227,8 @@ jobs: ### GPG-Home relative to the Runner Workspace to avoid changing global files. export GNUPGHOME="$(pwd)/.gnupg" mkdir -m 700 "${GNUPGHOME}" + echo "${{ secrets.PGP_PUBKEY_CENTURION_ROOT_2025_X448 }}" >| centurion-root.PUB.asc + gpg --batch --import centurion-root.PUB.asc echo "${{ secrets.PGP_MSW_DEPLOY_CORESECRET_DEV }}" >| ci-bot.sec.asc gpg --batch --import ci-bot.sec.asc ### Trust the key automatically @@ -325,7 +331,7 @@ jobs: AUTH="${SHARE_TOKEN}:${SHARE_PASS}" if curl --retry 2 "${NC_BASE}"/public.php/webdav/"${VAR_ISO_FILE_NAME}" \ - --upload-file "${VAR_ISO_FILE_PATH}" --user "${AUTH}"; then + --upload-file "${VAR_ISO_FILE_PATH}" --user "${AUTH}" > /dev/null 2>&1; then echo "βœ… New ISO successfully uploaded." else echo "❌ Uploading the new ISO failed." @@ -360,7 +366,7 @@ jobs: # SPDX-CreationInfo: 2025-06-01; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency - # SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; + # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/workflows/generate_PUBLIC_iso.yaml b/.gitea/workflows/generate_PUBLIC_iso.yaml index 066a6d7..8710074 100644 --- a/.gitea/workflows/generate_PUBLIC_iso.yaml +++ b/.gitea/workflows/generate_PUBLIC_iso.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -21,7 +21,7 @@ on: branches: - master paths: - - '.gitea/trigger/t_generate_PUBLIC.yaml' + - '.gitea/trigger/.t_generate_PUBLIC.yaml' jobs: generate-private-ciss-debian-live-iso: @@ -40,13 +40,14 @@ jobs: echo 'deb https://deb.debian.org/debian bookworm-backports main' \ >| /etc/apt/sources.list.d/bookworm-backports.list apt-get update + apt-get upgrade - name: πŸ› οΈ Installing Build Tools. shell: bash run: | apt-get update apt-get install -y \ - autoconf \ + autoconf \ automake \ build-essential \ cryptsetup \ @@ -58,6 +59,9 @@ jobs: git \ gnupg \ haveged \ + libbz2-dev \ + zlib1g-dev \ + liblzma-dev \ libtool \ live-build \ parted \ @@ -223,6 +227,8 @@ jobs: ### GPG-Home relative to the Runner Workspace to avoid changing global files. export GNUPGHOME="$(pwd)/.gnupg" mkdir -m 700 "${GNUPGHOME}" + echo "${{ secrets.PGP_PUBKEY_CENTURION_ROOT_2025_X448 }}" >| centurion-root.PUB.asc + gpg --batch --import centurion-root.PUB.asc echo "${{ secrets.PGP_MSW_DEPLOY_CORESECRET_DEV }}" >| ci-bot.sec.asc gpg --batch --import ci-bot.sec.asc ### Trust the key automatically @@ -325,7 +331,7 @@ jobs: AUTH="${SHARE_TOKEN}:${SHARE_PASS}" if curl --retry 2 "${NC_BASE}"/public.php/webdav/"${VAR_ISO_FILE_NAME}" \ - --upload-file "${VAR_ISO_FILE_PATH}" --user "${AUTH}"; then + --upload-file "${VAR_ISO_FILE_PATH}" --user "${AUTH}" > /dev/null 2>&1; then echo "βœ… New ISO successfully uploaded." else echo "❌ Uploading the new ISO failed." @@ -360,7 +366,7 @@ jobs: # SPDX-CreationInfo: 2025-06-01; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency - # SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; + # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/workflows/render-dnssec-status.yaml b/.gitea/workflows/render-dnssec-status.yaml index a8267ad..47e8648 100644 --- a/.gitea/workflows/render-dnssec-status.yaml +++ b/.gitea/workflows/render-dnssec-status.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/.gitea/workflows/render-dot-to-png.yaml b/.gitea/workflows/render-dot-to-png.yaml index 3b66604..ab138cf 100644 --- a/.gitea/workflows/render-dot-to-png.yaml +++ b/.gitea/workflows/render-dot-to-png.yaml @@ -2,7 +2,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -190,4 +190,4 @@ jobs: set -euo pipefail echo "πŸ“€ Pushing changes to ${GITHUB_REF_NAME} ..." git push origin HEAD:${GITHUB_REF_NAME} - # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml +# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=yaml diff --git a/config/hooks/live/0001_initramfs_modules.chroot b/config/hooks/live/0001_initramfs_modules.chroot index 78ca7c3..45e6c64 100644 --- a/config/hooks/live/0001_initramfs_modules.chroot +++ b/config/hooks/live/0001_initramfs_modules.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. @@ -48,7 +48,7 @@ cat << EOF >| /etc/initramfs-tools/modules # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. @@ -113,7 +113,7 @@ cat << 'EOF' >| /etc/initramfs-tools/update-initramfs.conf # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/0002_verify_checksums.chroot b/config/hooks/live/0002_verify_checksums.chroot index c54bbdf..997a4ae 100644 --- a/config/hooks/live/0002_verify_checksums.chroot +++ b/config/hooks/live/0002_verify_checksums.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/0050_activate_root.chroot b/config/hooks/live/0050_activate_root.chroot index de68861..6f1656a 100644 --- a/config/hooks/live/0050_activate_root.chroot +++ b/config/hooks/live/0050_activate_root.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/0080_keyboard_layout.chroot b/config/hooks/live/0080_keyboard_layout.chroot index e6bc1a2..fc2d7b7 100644 --- a/config/hooks/live/0080_keyboard_layout.chroot +++ b/config/hooks/live/0080_keyboard_layout.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0090_haveged.chroot b/config/hooks/live/0090_haveged.chroot index ba14808..022815b 100644 --- a/config/hooks/live/0090_haveged.chroot +++ b/config/hooks/live/0090_haveged.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0120_set_hostname.chroot b/config/hooks/live/0120_set_hostname.chroot index fc8c94b..f25af27 100644 --- a/config/hooks/live/0120_set_hostname.chroot +++ b/config/hooks/live/0120_set_hostname.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0130_machineid.chroot b/config/hooks/live/0130_machineid.chroot index bf63f57..4de2ecc 100644 --- a/config/hooks/live/0130_machineid.chroot +++ b/config/hooks/live/0130_machineid.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0400_eza_install.chroot b/config/hooks/live/0400_eza_install.chroot index 72f754a..7e7ee0b 100644 --- a/config/hooks/live/0400_eza_install.chroot +++ b/config/hooks/live/0400_eza_install.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -133,14 +133,6 @@ symlink_path: {foreground: Cyan} control_char: {foreground: Red} broken_symlink: {foreground: Red} broken_path_overlay: {foreground: Default, is_underlined: true} - -filenames: - # Custom filename-based overrides - # Cargo.toml: {icon: {glyph: 🦀}} - -extensions: - # Custom extension-based overrides - # rs: {filename: {foreground: Red}, icon: {glyph: 🦀}} EOF chmod 0644 "/root/eza-themes/themes/centurion.yml" diff --git a/config/hooks/live/0800_lynis_setup.chroot b/config/hooks/live/0800_lynis_setup.chroot index 0df42da..c6f465f 100644 --- a/config/hooks/live/0800_lynis_setup.chroot +++ b/config/hooks/live/0800_lynis_setup.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0810_chrony_setup.chroot b/config/hooks/live/0810_chrony_setup.chroot index b558a5a..ae0bd3d 100644 --- a/config/hooks/live/0810_chrony_setup.chroot +++ b/config/hooks/live/0810_chrony_setup.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0822_ssh_restart_hook.chroot b/config/hooks/live/0822_ssh_restart_hook.chroot index 46c5e8e..096005b 100644 --- a/config/hooks/live/0822_ssh_restart_hook.chroot +++ b/config/hooks/live/0822_ssh_restart_hook.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -29,7 +29,7 @@ cat << 'EOF' >| /usr/local/bin/restart-ssh.sh # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0825_my_sqltuner_perl.chroot b/config/hooks/live/0825_my_sqltuner_perl.chroot index 7d3e9ef..8ad3849 100644 --- a/config/hooks/live/0825_my_sqltuner_perl.chroot +++ b/config/hooks/live/0825_my_sqltuner_perl.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0830_download_yq.chroot b/config/hooks/live/0830_download_yq.chroot index 58210c8..a919417 100644 --- a/config/hooks/live/0830_download_yq.chroot +++ b/config/hooks/live/0830_download_yq.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0835_testssl.sh.chroot b/config/hooks/live/0835_testssl.sh.chroot index 220f572..61181a5 100644 --- a/config/hooks/live/0835_testssl.sh.chroot +++ b/config/hooks/live/0835_testssl.sh.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0845_harbian_audit.chroot b/config/hooks/live/0845_harbian_audit.chroot index 139d827..4188f20 100644 --- a/config/hooks/live/0845_harbian_audit.chroot +++ b/config/hooks/live/0845_harbian_audit.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/0850_ssh_audit.chroot b/config/hooks/live/0850_ssh_audit.chroot index 1377e34..ce10ccd 100644 --- a/config/hooks/live/0850_ssh_audit.chroot +++ b/config/hooks/live/0850_ssh_audit.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/0855_dnsviz.chroot b/config/hooks/live/0855_dnsviz.chroot index b267d67..18b3ad7 100644 --- a/config/hooks/live/0855_dnsviz.chroot +++ b/config/hooks/live/0855_dnsviz.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/0900_ufw_setup.chroot b/config/hooks/live/0900_ufw_setup.chroot index 8a78394..26ecc92 100644 --- a/config/hooks/live/0900_ufw_setup.chroot +++ b/config/hooks/live/0900_ufw_setup.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9900_process_accounting.chroot b/config/hooks/live/9900_process_accounting.chroot index 03eb93f..c28f0f8 100644 --- a/config/hooks/live/9900_process_accounting.chroot +++ b/config/hooks/live/9900_process_accounting.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/9910_motd.chroot b/config/hooks/live/9910_motd.chroot index 431f066..56ef37f 100644 --- a/config/hooks/live/9910_motd.chroot +++ b/config/hooks/live/9910_motd.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/9930_hardening_ssh.chroot b/config/hooks/live/9930_hardening_ssh.chroot index 7b92f57..260d656 100644 --- a/config/hooks/live/9930_hardening_ssh.chroot +++ b/config/hooks/live/9930_hardening_ssh.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9950_fail2ban_hardening.chroot b/config/hooks/live/9950_fail2ban_hardening.chroot index 2b98801..c5eee85 100644 --- a/config/hooks/live/9950_fail2ban_hardening.chroot +++ b/config/hooks/live/9950_fail2ban_hardening.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9960_disable_services.chroot b/config/hooks/live/9960_disable_services.chroot index a970eb4..e6a7857 100644 --- a/config/hooks/live/9960_disable_services.chroot +++ b/config/hooks/live/9960_disable_services.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9970_remove_exim.chroot b/config/hooks/live/9970_remove_exim.chroot index 4756426..e1692df 100644 --- a/config/hooks/live/9970_remove_exim.chroot +++ b/config/hooks/live/9970_remove_exim.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9980_usb_guard.chroot b/config/hooks/live/9980_usb_guard.chroot index 0a1d35c..d6cce7b 100644 --- a/config/hooks/live/9980_usb_guard.chroot +++ b/config/hooks/live/9980_usb_guard.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9985_clamav.chroot b/config/hooks/live/9985_clamav.chroot index 61513c6..ed92730 100644 --- a/config/hooks/live/9985_clamav.chroot +++ b/config/hooks/live/9985_clamav.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9990_final_purge.chroot b/config/hooks/live/9990_final_purge.chroot index 7623a1d..89bfec7 100644 --- a/config/hooks/live/9990_final_purge.chroot +++ b/config/hooks/live/9990_final_purge.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9991_file_permissions.chroot b/config/hooks/live/9991_file_permissions.chroot index 6f034b4..ccefc64 100644 --- a/config/hooks/live/9991_file_permissions.chroot +++ b/config/hooks/live/9991_file_permissions.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/config/hooks/live/9993_aide.chroot b/config/hooks/live/9993_aide.chroot index dea2987..4f07d5a 100644 --- a/config/hooks/live/9993_aide.chroot +++ b/config/hooks/live/9993_aide.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. @@ -19,7 +19,7 @@ apt-get install -y aide cp -u /etc/aide/aide.conf /root/.ciss/dlb/backup/aide.conf.bak sed -i "s/Checksums = H/Checksums = sha512/" /etc/aide/aide.conf -if aideinit; then +if aideinit > /dev/null 2>&1; then printf "\e[92m++++ ++++ ++++ ++++ ++++ ++++ ++ βœ… 'aideinit' successful. \e[0m\n" else printf "\e[91m++++ ++++ ++++ ++++ ++++ ++++ ++ ❌ 'aideinit' NOT successful. \e[0m\n" >&2 diff --git a/config/hooks/live/9994_password_policy.chroot b/config/hooks/live/9994_password_policy.chroot index b6ecf3c..e18ae5f 100644 --- a/config/hooks/live/9994_password_policy.chroot +++ b/config/hooks/live/9994_password_policy.chroot @@ -3,15 +3,15 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. # SPDX-PackageName: CISS.debian.live.builder # SPDX-Security-Contact: security@coresecret.eu -### NIST recommends at least eight characters but advises longer passphrases (e.g., 12–64) for increased security. -### NIST SP 800–63B, https://pages.nist.gov/800-63-3/sp800-63b.html +### NIST recommends at least eight characters but advises longer passphrases (e.g., 12-64) for increased security. +### NIST SP 800-63B, https://pages.nist.gov/800-63-3/sp800-63b.html set -C -e -u -o pipefail @@ -55,7 +55,7 @@ minlen = 20 ### dcredit = 0, ucredit = 0, lcredit = 0, ocredit = 0, minclass = 0 ### NIST SP 800–63B advises against rigid complexity rules (numbers, symbols, uppercase) -### because they can lead users to adopt predictable patterns (e.g., β€œPa$$word!”). +### because they can lead users to adopt predictable patterns (e.g., "Pa$$word!"). ### Length and dictionary checks are more effective. ### The maximum credit for having digits in the new password. If less than 0 diff --git a/config/hooks/live/9995_sysstat.chroot b/config/hooks/live/9995_sysstat.chroot index 25d26e2..a2bd912 100644 --- a/config/hooks/live/9995_sysstat.chroot +++ b/config/hooks/live/9995_sysstat.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/9996_auditd.chroot b/config/hooks/live/9996_auditd.chroot index 13fc4fe..b22a9d7 100644 --- a/config/hooks/live/9996_auditd.chroot +++ b/config/hooks/live/9996_auditd.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/config/hooks/live/9997_debsums.chroot b/config/hooks/live/9997_debsums.chroot index 7bedd45..59b1175 100644 --- a/config/hooks/live/9997_debsums.chroot +++ b/config/hooks/live/9997_debsums.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -22,7 +22,7 @@ cp -a /etc/default/debsums /root/.ciss/dlb/backup/debsums.bak chmod 0644 /root/.ciss/dlb/backup/debsums.bak sed -i "s/CRON_CHECK=never/CRON_CHECK=monthly/" /etc/default/debsums -if debsums -g; then +if debsums -g > /dev/null 2>&1; then printf "\e[92m++++ ++++ ++++ ++++ ++++ ++++ ++ βœ… 'debsums -g' successful. \e[0m\n" else # Omit false negative error output to stdout and stderr, as no problematic errors occur on startup. diff --git a/config/hooks/live/9998_sources_list.chroot b/config/hooks/live/9998_sources_list.chroot index 3e4fc44..e025078 100644 --- a/config/hooks/live/9998_sources_list.chroot +++ b/config/hooks/live/9998_sources_list.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. @@ -25,7 +25,7 @@ cat << 'EOF' >| /etc/apt/sources.list # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://cendev.eu/marc.weidner/CISS.2025.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.2025.hardened.installer framework. diff --git a/config/hooks/live/9999_interfaces_update.chroot b/config/hooks/live/9999_interfaces_update.chroot index 533a28d..154c2cf 100644 --- a/config/hooks/live/9999_interfaces_update.chroot +++ b/config/hooks/live/9999_interfaces_update.chroot @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -22,7 +22,7 @@ cat << 'EOF' >| /etc/network/interfaces # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 91b97dc..59b0add 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -16,6 +16,9 @@ include_toc: true * The workflow image was changed to ``debian:bookworm``. * Added a LIVE ISO workflow routine to build GnuPG from sources, since Bookworm GPG does not recognize key format 5. +* Changed verbosity of: + * [9993_aide.chroot](../config/hooks/live/9993_aide.chroot) + * [9997_debsums.chroot](../config/hooks/live/9997_debsums.chroot) --- **[no tracking | no logging | no advertising | no profiling | no bullshit](https://coresecret.eu/)** diff --git a/docs/DL_PUB_ISO.md b/docs/DL_PUB_ISO.md index 0b6161b..46a0f48 100644 --- a/docs/DL_PUB_ISO.md +++ b/docs/DL_PUB_ISO.md @@ -91,7 +91,7 @@ ultimate hardening rules: ````text ### SSH Handling: Foreign IP (not in /etc/hosts.allow): refused to connect: immediate ban [sshd-refused] -### Jump host mistyped 1–3 times: no ban, only after four attempts [sshd] +### Jump host mistyped 1-3 times: no ban, only after four attempts [sshd] (...) # ufw aggressive approach: # Any valid client communicating with our server should be going directly to the service ports opened in ufw (ssh, 80, 443, ...). diff --git a/docs/LICENSES/CC-BY-NC-ND-4.0.txt b/docs/LICENSES/CC-BY-NC-ND-4.0.txt index d12951d..7bbe19c 100644 --- a/docs/LICENSES/CC-BY-NC-ND-4.0.txt +++ b/docs/LICENSES/CC-BY-NC-ND-4.0.txt @@ -8,13 +8,13 @@ Creative Commons public licenses provide a standard set of terms and conditions Considerations for licensors: Our public licenses are intended for use by those authorized to give the public permission to use material in ways otherwise restricted by copyright and certain other rights. Our licenses are irrevocable. Licensors should read and understand the terms and conditions of the license they choose before applying it. Licensors should also secure all rights necessary before applying our licenses so that the public can reuse the material as expected. Licensors should clearly mark any material not subject to the license. This includes other CC-licensed material, or material used under an exception or limitation to copyright. More considerations for licensors. -Considerations for the public: By using one of our public licenses, a licensor grants the public permission to use the licensed material under specified terms and conditions. If the licensors' permission is not necessary for any reason–for example, because of any applicable exception or limitation to copyright - then that use is not regulated by the license. Our licenses grant only permissions under copyright and certain other rights that a licensor has authority to grant. Use of the licensed material may still be restricted for other reasons, including because others have copyright or other rights in the material. A licensor may make special requests, such as asking that all changes be marked or described. Although not required by our licenses, you are encouraged to respect those requests where reasonable. More considerations for the public. +Considerations for the public: By using one of our public licenses, a licensor grants the public permission to use the licensed material under specified terms and conditions. If the licensors' permission is not necessary for any reason-for example, because of any applicable exception or limitation to copyright - then that use is not regulated by the license. Our licenses grant only permissions under copyright and certain other rights that a licensor has authority to grant. Use of the licensed material may still be restricted for other reasons, including because others have copyright or other rights in the material. A licensor may make special requests, such as asking that all changes be marked or described. Although not required by our licenses, you are encouraged to respect those requests where reasonable. More considerations for the public. Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. -Section 1 – Definitions. +Section 1 - Definitions. a. Adapted Material means material subject to Copyright and Similar Rights that are derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synced in timed relation with a moving image. @@ -38,7 +38,7 @@ Section 1 – Definitions. k. You mean the individual or entity exercising the Licensed Rights under this Public License. 'Your' has a corresponding meaning. -Section 2 – Scope. +Section 2 - Scope. a. License grant. @@ -55,7 +55,7 @@ Section 2 – Scope. 4. Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material. 5. Downstream recipients. - A. Offer from the Licensor – Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. + A. Offer from the Licensor - Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License. B. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material. @@ -69,7 +69,7 @@ Section 2 – Scope. 3. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases, the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes. -Section 3 – License Conditions. +Section 3 - License Conditions. Your exercise of the Licensed Rights is expressly made subject to the following conditions. @@ -99,7 +99,7 @@ Your exercise of the Licensed Rights is expressly made subject to the following 3. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable. -Section 4 – Sui Generis Database Rights. +Section 4 - Sui Generis Database Rights. Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material: @@ -110,7 +110,7 @@ Where the Licensed Rights include Sui Generis Database Rights that apply to Your c. You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database. For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights. -Section 5 – Disclaimer of Warranties and Limitation of Liability. +Section 5 - Disclaimer of Warranties and Limitation of Liability. a. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You. @@ -118,7 +118,7 @@ Section 5 – Disclaimer of Warranties and Limitation of Liability. c. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability. -Section 6 – Term and Termination. +Section 6 - Term and Termination. a. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically. @@ -134,13 +134,13 @@ Section 6 – Term and Termination. d. Sections 1, 5, 6, 7, and 8 survive termination of this Public License. -Section 7 – Other Terms and Conditions. +Section 7 - Other Terms and Conditions. a. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed. b. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License. -Section 8 – Interpretation. +Section 8 - Interpretation. a. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License. diff --git a/docs/graphviz/ciss.debian.live.builder.dot b/docs/graphviz/ciss.debian.live.builder.dot index e5c6e1d..767726c 100644 --- a/docs/graphviz/ciss.debian.live.builder.dot +++ b/docs/graphviz/ciss.debian.live.builder.dot @@ -2,7 +2,7 @@ // SPDX-CreationInfo: 2025-06-03; WEIDNER, Marc S.; // SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git // SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -// SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +// SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; // SPDX-FileType: SOURCE // SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 // SPDX-Comment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_arg_parser.sh b/lib/lib_arg_parser.sh index f0f6a19..d7af7e5 100644 --- a/lib/lib_arg_parser.sh +++ b/lib/lib_arg_parser.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_arg_priority_check.sh b/lib/lib_arg_priority_check.sh index c59b7c7..d5aeceb 100644 --- a/lib/lib_arg_priority_check.sh +++ b/lib/lib_arg_priority_check.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_boot_screen.sh b/lib/lib_boot_screen.sh index 494d421..e328045 100644 --- a/lib/lib_boot_screen.sh +++ b/lib/lib_boot_screen.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_cdi.sh b/lib/lib_cdi.sh index d62c377..13bda8f 100644 --- a/lib/lib_cdi.sh +++ b/lib/lib_cdi.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_change_splash.sh b/lib/lib_change_splash.sh index ad0dd69..2788632 100644 --- a/lib/lib_change_splash.sh +++ b/lib/lib_change_splash.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_check_dhcp.sh b/lib/lib_check_dhcp.sh index b4537e7..5aeae30 100644 --- a/lib/lib_check_dhcp.sh +++ b/lib/lib_check_dhcp.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_check_hooks.sh b/lib/lib_check_hooks.sh index 52e10c1..cf05f1c 100644 --- a/lib/lib_check_hooks.sh +++ b/lib/lib_check_hooks.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_check_kernel.sh b/lib/lib_check_kernel.sh index c5a469a..16fe973 100644 --- a/lib/lib_check_kernel.sh +++ b/lib/lib_check_kernel.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_check_pkgs.sh b/lib/lib_check_pkgs.sh index c48a492..ffca3b8 100644 --- a/lib/lib_check_pkgs.sh +++ b/lib/lib_check_pkgs.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_check_provider.sh b/lib/lib_check_provider.sh index 4262a7c..ef86ef8 100644 --- a/lib/lib_check_provider.sh +++ b/lib/lib_check_provider.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_check_stats.sh b/lib/lib_check_stats.sh index 0fd9f51..f37b053 100644 --- a/lib/lib_check_stats.sh +++ b/lib/lib_check_stats.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_check_var.sh b/lib/lib_check_var.sh index adfb3c4..6c59bf8 100644 --- a/lib/lib_check_var.sh +++ b/lib/lib_check_var.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. @@ -23,7 +23,7 @@ check_var() { declare var_name_to_check="$1" if [[ -n "${!var_name_to_check+exists}" ]]; then if [[ -n "${!var_name_to_check}" ]]; then - printf "\e[92mβœ… Variable: '%s' exists and is NOT empty: Β»%sΒ« \e[0m\n" "${var_name_to_check}" "${!var_name_to_check}" + printf "\e[92mβœ… Variable: '%s' exists and is NOT empty: '%s' \e[0m\n" "${var_name_to_check}" "${!var_name_to_check}" else printf "\e[92mβœ… Variable: '%s' exists but is empty. \e[0m\n" "${var_name_to_check}" fi diff --git a/lib/lib_clean_screen.sh b/lib/lib_clean_screen.sh index 2c4fc7a..0ea221a 100644 --- a/lib/lib_clean_screen.sh +++ b/lib/lib_clean_screen.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_clean_up.sh b/lib/lib_clean_up.sh index 9e652bc..ee5ee77 100644 --- a/lib/lib_clean_up.sh +++ b/lib/lib_clean_up.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_copy_integrity.sh b/lib/lib_copy_integrity.sh index 9de42b0..3501b50 100644 --- a/lib/lib_copy_integrity.sh +++ b/lib/lib_copy_integrity.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_debug.sh b/lib/lib_debug.sh index d8dec56..4607d24 100644 --- a/lib/lib_debug.sh +++ b/lib/lib_debug.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_debug_header.sh b/lib/lib_debug_header.sh index f75a243..1838ca0 100644 --- a/lib/lib_debug_header.sh +++ b/lib/lib_debug_header.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_hardening_root_pw.sh b/lib/lib_hardening_root_pw.sh index bedc6f8..53e5dc1 100644 --- a/lib/lib_hardening_root_pw.sh +++ b/lib/lib_hardening_root_pw.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_hardening_ssh.sh b/lib/lib_hardening_ssh.sh index 989e1c5..d84fb06 100644 --- a/lib/lib_hardening_ssh.sh +++ b/lib/lib_hardening_ssh.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_hardening_ultra.sh b/lib/lib_hardening_ultra.sh index e7f5517..37729b2 100644 --- a/lib/lib_hardening_ultra.sh +++ b/lib/lib_hardening_ultra.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_helper_ip.sh b/lib/lib_helper_ip.sh index 093e24f..b005501 100644 --- a/lib/lib_helper_ip.sh +++ b/lib/lib_helper_ip.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_lb_build_start.sh b/lib/lib_lb_build_start.sh index 532a5ec..bea72e1 100644 --- a/lib/lib_lb_build_start.sh +++ b/lib/lib_lb_build_start.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_lb_config_start.sh b/lib/lib_lb_config_start.sh index a3d51a6..e468fc6 100644 --- a/lib/lib_lb_config_start.sh +++ b/lib/lib_lb_config_start.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_lb_config_write.sh b/lib/lib_lb_config_write.sh index d5186b9..0f8ff48 100644 --- a/lib/lib_lb_config_write.sh +++ b/lib/lib_lb_config_write.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_provider_netcup.sh b/lib/lib_provider_netcup.sh index 2872eb4..6cb0313 100644 --- a/lib/lib_provider_netcup.sh +++ b/lib/lib_provider_netcup.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_run_analysis.sh b/lib/lib_run_analysis.sh index adf9439..83fdee0 100644 --- a/lib/lib_run_analysis.sh +++ b/lib/lib_run_analysis.sh @@ -2,8 +2,8 @@ # SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-05-07; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git -# SPDX-FileContributor: ZIMNOL, AndrΓ© H.; Private Contributor -# SPDX-FileCopyrightText: 2025; ZIMNOL, AndrΓ© H.; +# SPDX-FileContributor: ZIMNOL, Andre H.; Private Contributor +# SPDX-FileCopyrightText: 2025; ZIMNOL, Andre H.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. @@ -86,7 +86,7 @@ run_analysis() { printf "\e[97mπŸ“‚ Chroot-Size : %s \e[0m\n" "${chroot_size_hr}" printf "\e[97mπŸ“‰ Compression-level : %s \e[0m\n" "${compression}" printf "\e[97mπŸ“¦ Packages : %s \e[0m\n" "${package_count}" - printf "\e[97m⏱ Build Time : %s \e[0m\n" "${build_duration}" + printf "\e[97mπŸ• Build Time : %s \e[0m\n" "${build_duration}" printf "\e[97m🧠 CPUs for SquashFS : %s \e[0m\n" "${squash_cpu_used}" printf "\e[97mπŸ” SHA256SUM : %s \e[0m\n" "${sha_sum}" printf "\e[92m────────────────────────────────────────────────────────────────────────────────────────\e[0m\n" diff --git a/lib/lib_sanitizer.sh b/lib/lib_sanitizer.sh index fb641bd..c7061f4 100644 --- a/lib/lib_sanitizer.sh +++ b/lib/lib_sanitizer.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework. diff --git a/lib/lib_trap_on_err.sh b/lib/lib_trap_on_err.sh index 5030e78..a21f2ba 100644 --- a/lib/lib_trap_on_err.sh +++ b/lib/lib_trap_on_err.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_trap_on_exit.sh b/lib/lib_trap_on_exit.sh index 9e9cbdf..1a5aa32 100644 --- a/lib/lib_trap_on_exit.sh +++ b/lib/lib_trap_on_exit.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/lib/lib_usage.sh b/lib/lib_usage.sh index d0488ee..26f1e7e 100644 --- a/lib/lib_usage.sh +++ b/lib/lib_usage.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/var/colors.var.sh b/var/colors.var.sh index 6481692..8214f99 100644 --- a/var/colors.var.sh +++ b/var/colors.var.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. diff --git a/var/global.var.sh b/var/global.var.sh index 9505bbd..0301c5e 100644 --- a/var/global.var.sh +++ b/var/global.var.sh @@ -3,7 +3,7 @@ # SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024–2025; WEIDNER, Marc S.; +# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.