## V8.13.096.2025.10.09

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

config/hooks/live/0000_basic_chroot_setup.chroot

@@ -16,8 +16,8 @@ printf "\e[95m++++ ++++ ++++ ++++ ++++ ++++ ++ 🧪 '%s' starting ... \e[0m\n" "
 export DEBIAN_FRONTEND="noninteractive"
 apt-get update -qq
 
-mkdir -p /root/.ciss/dlb/backup
-chmod 0700 /root/.ciss/dlb/backup
+mkdir -p /root/.ciss/dlb/{backup,log}
+chmod 0700 /root/.ciss/dlb/{backup,log}
 
 mkdir -p /root/git
 chmod 0700 /root/git

config/hooks/live/0001_initramfs_modules.chroot

@@ -355,7 +355,8 @@ EOF
 chmod 0755 /etc/initramfs-tools/hooks/ciss_debian_live_builder
 
 ### Regenerate the initramfs for the live system kernel
-update-initramfs -u -k all -v
+touch /root/.ciss/dlb/0001_initramfs_modules.log
+update-initramfs -u -k all -v | tee -a /root/.ciss/dlb/0001_initramfs_modules.log
 
 printf "\e[92m++++ ++++ ++++ ++++ ++++ ++++ ++ ✅ '%s' applied successfully. \e[0m\n" "${0}"
 

config/hooks/live/9996_auditd.chroot

@@ -362,8 +362,13 @@ printf '%s\0' "${rules[@]}" \
     printf '\n' >> "${tmp}"
   done
 
-install -m 0600 -o root -g root "${tmp}" /etc/audit/audit.rules
-rm -f "${tmp}"
+# shellcheck disable=2155
+declare tmp_stripped="$(mktemp)"
+sed -e '/^[[:space:]]*#/d' -e '/^[[:space:]]*$/d' "${tmp}" > "${tmp_stripped}"
+sed -E 's/[[:space:]]+#.*$//' -i "${tmp_stripped}"
+
+install -m 0600 -o root -g root "${tmp_stripped}" /etc/audit/audit.rules
+rm -f "${tmp}" "${tmp_stripped}"
 
 if ! grep -Eq '(^-a|^-w|^-e[[:space:]]+1|^-e[[:space:]]+2)' /etc/audit/audit.rules; then
   log "WARN: /etc/audit/audit.rules contains no -a/-w rules or '-e 1/2'; is this intended?"