Kevin O'Gorman
Kevin O'Gorman
Seconding Michael's points, github wikis are kindof basic and not where I would choose to build a single source of our repo docs. If one of the motivators here as...
This would be a useful automation step for the initial install, and it would enforce the use of a new dedicated SSH key for the first Admin Workstation, which is...
Relates to @nathandyer's proposal in #6531 to move to using Gnome shell extensions - if we stick with icons this will get pretty messy, but the menu option would be...
Given that we should really have a new-style `securedrop-grsec` package available before this change goes live, I'm thinking this should be included in 2.6.0 (or possible 2.5.* point release). Any...
Tested by: - setting up 2.5.2(current version) on prod VMs - building packages locally and installing using upgrade scenario (as opposed to dpkg) - [x] no warnings observed during install...
GPG pubkey and fingerprint are likely cached in Redis, if they weren't flushed from there. If it wasn't migrated then the fingerprint field is gonna be blank, so in the...
> `source.fingerprint` will fall back to the GPG keyring (`source.pgp_fingerprint` is the DB storage only) so it won't generate a new keypair. Sorry, I meant in the case where he's...
Generating signed hashes for the audit files seems like an extra hurdle, I'd be in favour of adding an overall commit signing policy - only downside I can see is...
Worked for me as well! ([10th-gen t490](https://www.qubes-os.org/hcl/#lenovo_thinkpad-t490-20rys0m200_i5-10210u_integrated-graphics-uhd-620_kevin-o-gorman_r4-0))
Staging builds (in Qubes) are consistently failing for me at this task: ``` TASK [Set sysctl flags for grsecurity.] **************************************** failed: [mon-staging] (item={'name': 'kernel.grsecurity.rwxmap_logging', 'value': '0'}) => {"ansible_loop_var": "item", "changed":...