V8.13.512.2025.11.26

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-11-26 09:54:11 +00:00
parent d6a13779aa
commit afe0dd7038
44 changed files with 56 additions and 62 deletions
--- a/config/includes.chroot/etc/ssh/ssh_known_hosts
+++ b/config/includes.chroot/etc/ssh/ssh_known_hosts
@@ -9,7 +9,7 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu

-# Version Master V8.13.440.2025.11.19
+# Version Master V8.13.512.2025.11.26

 [git.coresecret.dev]:42842 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQA107AVmg1D/jnyXiqbPf38zQRl8s3c+PM1zbfpeQl
 [git.coresecret.dev]:42842 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDYD9ysmMWZlejUnxu0qOzeWcIYezoFLbYdo6ffGUL5kqOBAYb+5CF4bJLUpA93XFYVF+TbrcMV1yJh6JaHFL0VU5CvgAzruCeedx0c4qUV6lWcJUGNk5K0yb9n2Wosdy6F/zTOxL9KXBt/TV+cscsen2Dahvx0ctMKgNbu+vvUcWxHf9lOkbYoF/uA/nW5CVXy5XUPVUDFUhEeKXL85+6gid5AEMfYT8aRl5YDGvo1iMBmBYOljN4S7MnRe14qbAZG0GDGvF22eHbSU2pILcFIjc2Lo/S5Ox/MJpbLAqpFlLPTKgr6F7yVwfNMSNwl05ysUOZfrQKSXzCU6+lfqKYCwemLALyG/n1ernpp7/8W/2RYoz3fd+TQyfhW++rx3yUHpYCkTv9A4LRYZYGSAWKMHSBEYq3EcATQUxQi0xpwmcR+u0uC9F9eta5Bim+sBZD6F2hgPJ5xgYT8LFm880g1YadAwBoD4TAkqSvl+jYW0VA2GH9CknKHJ36gc/X4eeUHDC1Hf/E8M5RBj4D6NuHfeVRik/ahHmoCqKQUW7VU/EBsWFsngDiLEHcV71iMtWiUddWOHwoAPHIzn6p9HTeLCxTwsPMG5UDGK/S9HUozqDXxexRtqbcFa7DWuzRvZ1bcZ2VQsaafuzKCkkc4NjC7h1wssel7q9aeYPFg+1vS6Q==
--- a/config/includes.chroot/etc/ssh/sshd_config
+++ b/config/includes.chroot/etc/ssh/sshd_config
@@ -9,7 +9,7 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu

-# Version Master V8.13.440.2025.11.19
+# Version Master V8.13.512.2025.11.26

 ### https://www.ssh-audit.com/
 ### ssh -Q cipher | cipher-auth | compression | kex | kex-gss | key | key-cert | key-plain | key-sig | mac | protocol-version | sig
--- a/config/includes.chroot/etc/sysctl.d/99_local.hardened
+++ b/config/includes.chroot/etc/sysctl.d/99_local.hardened
@@ -11,7 +11,7 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu

-# Version Master V8.13.440.2025.11.19
+# Version Master V8.13.512.2025.11.26

 ### https://docs.kernel.org/
 ### https://github.com/a13xp0p0v/kernel-hardening-checker/
--- a/config/includes.chroot/preseed/.iso/preseed_hash_generator.sh
+++ b/config/includes.chroot/preseed/.iso/preseed_hash_generator.sh
@@ -10,7 +10,7 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu

-declare -gr VERSION="Master V8.13.440.2025.11.19"
+declare -gr VERSION="Master V8.13.512.2025.11.26"

 ### VERY EARLY CHECK FOR DEBUGGING
 if [[ $* == *" --debug "* ]]; then
--- a/config/includes.chroot/preseed/preseed.cfg
+++ b/config/includes.chroot/preseed/preseed.cfg
@@ -112,4 +112,4 @@ d-i preseed/late_command string sh /preseed/.ash/3_di_preseed_late_command.sh

 # Please consider donating to my work at: https://coresecret.eu/spenden/
 ###########################################################################################
-# Written by: ./preseed_hash_generator.sh Version: Master V8.13.440.2025.11.19 at: 10:18:37.9542
+# Written by: ./preseed_hash_generator.sh Version: Master V8.13.512.2025.11.26 at: 10:18:37.9542
--- a/config/includes.chroot/usr/lib/live/boot/9990-main.sh
+++ b/config/includes.chroot/usr/lib/live/boot/9990-main.sh
@@ -56,12 +56,10 @@ Live ()
  # Needed here too because some things (*cough* udev *cough*)
  # change the timeout

-  printf "\e[93m[DEBUG] live(): Before do_netmount() pp. \e[0m\n"
  if [ -n "${NETBOOT}" ] || [ -n "${FETCH}" ] || [ -n "${HTTPFS}" ] || [ -n "${FTPFS}" ]
  then
    if do_netmount
    then
-      printf "\e[93m[DEBUG] live(): [livefs_root=%s] \e[0m\n" "${mountpoint?}"
      livefs_root="${mountpoint?}"
    else
      panic "Unable to find a live file system on the network"
@@ -69,17 +67,13 @@ Live ()
  else
    if [ -n "${ISCSI_PORTAL}" ]
    then
-      printf "\e[93m[DEBUG] live(): [do_iscsi && livefs_root=%s] \e[0m\n" "${mountpoint?}"
      do_iscsi && livefs_root="${mountpoint}"
    elif [ -n "${PLAIN_ROOT}" ] && [ -n "${ROOT}" ]
    then
      # Do a local boot from hd
-      printf "\e[93m[DEBUG] live(): Do a local boot from hd [livefs_root=%s] \e[0m\n" "${ROOT?}"
      livefs_root=${ROOT}
    else
-      printf "\e[93m[DEBUG] live(): [Setup_Memdisk] starting ... \e[0m\n"
      Setup_Memdisk
-      printf "\e[93m[DEBUG] live(): [Setup_Memdisk] finished. \e[0m\n"

      # If the live media location is given via command line and access to it
      # involves LVM volumes, the corresponding volumes need to be activated.
@@ -87,7 +81,6 @@ Live ()
      # shellcheck disable=SC2116
      for dev in $(echo "${LIVE_MEDIA}")
      do
-        printf "\e[93m[DEBUG] live(): [%s] -> dev \e[0m\n" "${dev}"
        case "${dev}" in
          /dev/mapper/*)
            # shellcheck disable=SC2046,SC2312
@@ -148,7 +141,6 @@ Live ()

  fi

-  printf "\e[93m[DEBUG] live(): Before [Verify_checksums %s] \e[0m\n" "${livefs_root}"
  Verify_checksums "${livefs_root}"

  # shellcheck disable=SC2244
@@ -188,16 +180,14 @@ Live ()

  fi

-  printf "\e[93m[DBG] Live(): before overlay, live_dest=%s \e[0m\n" "${live_dest:-<none>}"
-  printf "\e[93m[DBG] Live(): MODULETORAMFILE=%s PLAIN_ROOT=%s \e[0m\n" "${MODULETORAMFILE}" "${PLAIN_ROOT}"
  if [ -n "${MODULETORAMFILE}" ] || [ -n "${PLAIN_ROOT}" ]
  then
-    printf "\e[93m[DBG] Live(): setup_unionfs livefs_root=%s rootmnt=%s \e[0m\n" "${livefs_root}" "${rootmnt?}"
+    printf "\e[92m[INFO] Live()               : [setup_unionfs livefs_root=%s rootmnt=%s] \e[0m\n" "${livefs_root}" "${rootmnt?}"
    setup_unionfs "${livefs_root}" "${rootmnt?}"
  else
    mac="$(get_mac)"
    mac="$(echo "${mac}" | sed 's/-//g')"
-    printf "\e[93m[DBG] Live(): mount_images_in_directory livefs_root=%s rootmnt=%s mac=%s \e[0m\n" "${livefs_root}" "${rootmnt}" "${mac}"
+    printf "\e[92m[INFO] Live()               : [mount_images_in_directory livefs_root=%s rootmnt=%s mac=%s] \e[0m\n" "${livefs_root}" "${rootmnt}" "${mac}"
    mount_images_in_directory "${livefs_root}" "${rootmnt}" "${mac}"
  fi

@@ -274,5 +264,5 @@ Live ()
    cp boot.log "${rootmnt}/var/log/live" 2>/dev/null; \
    cp fsck.log "${rootmnt}/var/log/live" 2>/dev/null )

-  printf "\e[92m[INFO] Successfully applied : [/usr/lib/live/boot/9990-main.sh] ... \n\e[0m"
+  printf "\e[92m[INFO] Successfully applied : [/usr/lib/live/boot/9990-main.sh] \n\e[0m"
 }
--- a/config/includes.chroot/usr/lib/live/boot/9990-overlay.sh
+++ b/config/includes.chroot/usr/lib/live/boot/9990-overlay.sh
@@ -488,5 +488,5 @@ setup_unionfs ()
    done
  fi

-  printf "\e[92m[INFO] Successfully applied : [/usr/lib/live/boot/9990-overlay.sh] ... \n\e[0m"
+  printf "\e[92m[INFO] Successfully applied : [/usr/lib/live/boot/9990-overlay.sh] \n\e[0m"
 }
--- a/config/package-lists/live.list.common.chroot
+++ b/config/package-lists/live.list.common.chroot
@@ -112,6 +112,7 @@ pciutils
 perl
 pwgen
 python3
+ripgrep
 rkhunter
 rng-tools
 rsnapshot