Patrick Schleizer issues

Results 190 issues of


                                            Patrick Schleizer

file/folder permissions issue `d????????? ? ? ? ? ? .` | Firefox no longer starting (probably not not a Firefox issue) | caused by disallow registering interpreters for miscellaneous binary formats `sysctl fs.binfmt_misc.status=0`

`ls -la .mozilla` ``` ls: cannot access '.mozilla/..': Permission denied ls: cannot access '.mozilla/.': Permission denied total 0 d????????? ? ? ? ? ? . d????????? ? ? ? ?...

drop legacy support: stop supporting oldstable and older

https://github.com/grml/grml-debootstrap/pull/266 is one example of something difficult to implement due to old version support. That is versions older than Debian stable. Speak stable -1 (oldstable) or stable -2 (oldoldstable) or...

some dracut modules fail to copy systemd system drop-in configuration snippets

**Describe the bug** Some dracut modules fail to copy systemd system drop-ins. This is no surprise by looking at the source code. Quote [`modules.d/01systemd-repart/module-setup.sh`](https://github.com/dracut-ng/dracut-ng/blob/main/modules.d/01systemd-repart/module-setup.sh) ``` inst_multiple -o \ "/usr/lib/repart.d/*.conf" \...

bug

mitigate relay attacks

**Is your feature request related to a problem? Please describe.** Quote https://tech.michaelaltfield.net/2023/02/16/evil-maid-heads-pureboot/ > Relay attack > > While the TOTP solution cleverly solves the replay attack, it’s still vulnerable to...

Kicksecure template

### The problem you're addressing (if any) A Kicksecure Qubes Template is unavailable. The only way to use Kicksecure in Qubes is [Distribution Morphing](https://www.kicksecure.com/wiki/Qubes#Distribution_Morphing). ### The solution you'd like Provide...

P: default

C: Kicksecure

community template

Kicksecure inside Debian Template sdwdate qrexec Denied message

Installing Kicksecure inside Debian Template (Following [distro-morphing](https://www.kicksecure.com/wiki/Debian) instructions) the Appvm which is based on kicksecure template will give tons of the same error reported above: (The Appvm called I2P) ![kicksecurecallsyswhonix](https://user-images.githubusercontent.com/11895339/163480499-54b5b0ec-e932-4d67-b812-d42572295f5b.png)...

P: default

diagnosed

C: Kicksecure

affects-4.1

affects-4.2

community template

qubes-app-shutdown-idle incompatible with user-sysmaint-split (and/or without qubes-core-agent-passwordless-root package)

### Qubes OS release R4.2 ### Brief summary `qubes-app-shutdown-idle` does not shutdown Whonix (and Kicksecure?) VMs. ### Steps to reproduce Unknown. Probably "normal" use of `qubes-app-shutdown-idle`. Was reported by user:...

C: other

good first issue

P: default

diagnosed

affects-4.2

add conspicuous EOL indicator widget for dom0

### The problem you're addressing (if any) Users fail to notice dom0 EOL (end-of-life). ([example](https://forums.whonix.org/t/whonix-gateway-broken-after-last-upgrade/21605)) Some users are not reading release announcements or are missing key information. ### The solution...

C: Qubes GUI tools

P: default

pr submitted

mitigate relay attacks

Does keylime mitigate relay attacks? From what I've read, I would not know how it could. What do you I mean by relay attack? Quote [Trusted Boot (Anti-Evil-Maid, Heads, and...

question

review secureblue sysctl

* https://github.com/secureblue/secureblue/blob/live/files/system/etc/sysctl.d/hardening.conf * https://github.com/secureblue/secureblue/blob/a6b58f042b0e9e9036a6d68a5b202eed96a1a892/files/system/etc/sysctl.d/hardening.conf