From ec008778577e8f00361eacc1a27513cc8e06bbc563712021c916b91ab4d21de6 Mon Sep 17 00:00:00 2001 From: "Marc S. Weidner" Date: Fri, 28 Nov 2025 00:44:01 +0000 Subject: [PATCH] V8.13.512.2025.11.28 Signed-off-by: Marc S. Weidner --- config/hooks/live/9999_zzzz.chroot | 6 +++++- config/includes.chroot/etc/resolv.conf | 16 ---------------- docs/CHANGELOG.md | 1 - 3 files changed, 5 insertions(+), 18 deletions(-) delete mode 100644 config/includes.chroot/etc/resolv.conf diff --git a/config/hooks/live/9999_zzzz.chroot b/config/hooks/live/9999_zzzz.chroot index 4e5fb9d..3c2df02 100644 --- a/config/hooks/live/9999_zzzz.chroot +++ b/config/hooks/live/9999_zzzz.chroot @@ -20,7 +20,7 @@ rm -f /root/ciss_xdg_tmp.sh rm -fr /root/build find /etc /home /root /usr /var -type f -name '.keep' -print -delete -### Securing '/root/.ciss' ---------------------------------------------------------------------------------------------------------- +### Securing '/root/.ciss' ----------------------------------------------------------------------------------------------------- find /root/.ciss -type d -exec chmod 0700 {} + find /root/.ciss -type f -exec chmod 0440 {} + @@ -30,6 +30,10 @@ find /etc/ciss/keys -type f -exec chmod 0440 {} + ### Regenerate the initramfs for the live system kernel ------------------------------------------------------------------------ update-initramfs -u -k all -v +### Prepare '/etc/resolv.conf' for systemd-networkd ---------------------------------------------------------------------------- +rm -f /etc/resolv.conf +ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf + ### Determine the canonical systemd unit dir inside chroot --------------------------------------------------------------------- if [[ -d /lib/systemd/system ]]; then diff --git a/config/includes.chroot/etc/resolv.conf b/config/includes.chroot/etc/resolv.conf deleted file mode 100644 index c11cd22..0000000 --- a/config/includes.chroot/etc/resolv.conf +++ /dev/null @@ -1,16 +0,0 @@ -# bashsupport disable=BP5007 - -# SPDX-Version: 3.0 -# SPDX-CreationInfo: 2025-11-26; WEIDNER, Marc S.; -# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git -# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency -# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; -# SPDX-FileType: SOURCE -# SPDX-License-Identifier: LicenseRef-CNCL-1.1 OR LicenseRef-CCLA-1.1 -# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. -# SPDX-PackageName: CISS.debian.live.builder -# SPDX-Security-Contact: security@coresecret.eu - -ln -s /run/systemd/resolve/stub-resolv.conf /run/systemd/resolve/stub-resolv.conf - -# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 212b154..c59fd5c 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -17,7 +17,6 @@ include_toc: true * **Global**: Transition of license agreements to: * [CCLA-1.1.txt](LICENSES/CCLA-1.1.txt) * [CNCL-1.1.txt](LICENSES/CNCL-1.1.txt) -* **Added**: [resolv.conf](../config/includes.chroot/etc/resolv.conf) * **Added**: [90-ciss-ethernet.network](../config/includes.chroot/etc/systemd/network/90-ciss-ethernet.network) * **Added**: [90-ciss-networkd.preset](../config/includes.chroot/usr/lib/systemd/system-preset/90-ciss-networkd.preset) * **Changed**: [unlock_wrapper.sh](../config/includes.chroot/etc/initramfs-tools/files/unlock_wrapper.sh)