Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/QubesOS/qubes-antievilmaid

Qubes component: antievilmaid
https://github.com/QubesOS/qubes-antievilmaid

Avoid cryptsetup password prompt

Pipe in the master key, cryptsetup verifies that it's the right one.
And let it deal with all ke...

86f8f71aa7aa58d662d3e91730aa51b7129d0acd authored over 7 years ago by Rusty Bird <[email protected]>
Split up the freshness slot db

Storing (only) the freshness slot number in
/var/lib/anti-evil-maid/aem<suffix>/tpm-freshness-sl...

54ba0559d2a0b7267d2671f9d73183e7b839143f authored over 7 years ago by Rusty Bird <[email protected]>
README: oathtool ignores spaces, substrings of valid padding

35e286bed5d7dce90b17d7d5c2ec506257927a45 authored over 7 years ago by Rusty Bird <[email protected]>
remove dracut module dependency on "touch"

ab54284c13102409f5face1ef47478bd8b70c32e authored over 7 years ago by Patrik Hagara <[email protected]>
Use AEM device label as TOTP label

To differentiate between multiple AEM devices, and to avoid being
intriguing and googleable in c...

79e884088c25c10389890617ee5d282b33215361 authored over 7 years ago by Rusty Bird <[email protected]>
Simplify tpm_nv*_std*

Also removed the TODO comment, it's fine to let the caller handle that.

2e0d4be7ee3da820f13f288c42086b709432f428 authored over 7 years ago by Rusty Bird <[email protected]>
README: Use "sudo -s", like when copying the blob

7dfa4f3a3f977d542d6cec39c348efb2fd360b88 authored over 7 years ago by Rusty Bird <[email protected]>
-unseal: Uppercase long-ranging variables, move them a bit

7dc2ea35a55e647e4c051218ba6504bc085b889f authored over 7 years ago by Rusty Bird <[email protected]>
-unseal: Use $UNSEALED_SECRET for freshness token secret

a4bce7a2ee2f79bd3d054c19e9d7169e976beca6 authored over 7 years ago by Rusty Bird <[email protected]>
readme: manufacturer-seeded TOTP token support

a4b238400f46843ad4486e2e330b87ec3f8aa9dc authored over 7 years ago by Patrik Hagara <[email protected]>
-unseal: Unify Plymouth and non-Plymouth .otp/.key code

0b29fdd23d1d52dd5e32bea97c2f1fc6a45bc5c3 authored over 7 years ago by Rusty Bird <[email protected]>
-unseal: Skip readonly message if unnecessary

e4d04a4641b99d3cfd6c8aaba13bb3804c11629f authored over 7 years ago by Rusty Bird <[email protected]>
module-setup.sh: Remove stale dependencies

20a9953189dd2be2ce5d9bab57707ab2299a1199 authored over 7 years ago by Rusty Bird <[email protected]>
Increase waitforenter() timeouts

76a401faef58c25c0112aa983118fbadd7d1432d authored over 7 years ago by Rusty Bird <[email protected]>
-unseal: Let systemd cleanup /tmp files on initrd exit

e986b4d39e9796ee9f6d8c801ab810f29c9d7fb8 authored over 7 years ago by Rusty Bird <[email protected]>
Only reseal .txt/.otp/.key if necessary

6d59863d7598d857ba44f7431c12b5ca96b8274b authored over 7 years ago by Rusty Bird <[email protected]>
-seal: Factor out $LABEL_SUFFIX

13304570b106bcfd873419a88c980a41fff4e003 authored over 7 years ago by Rusty Bird <[email protected]>
-seal: Make functions etc. inherit the ERR trap

c991d2c935ba45820b6156c6d09001194bc07538 authored over 7 years ago by Rusty Bird <[email protected]>
README: Adjust references

49ef07428ec8be4fdfe844ea18569960ab7ddcfc authored over 7 years ago by Rusty Bird <[email protected]>
make aem-install logs fit 80-char wide terminals

2eaf3d5a3d19dd73de321c491b470fd9e882cb70 authored over 7 years ago by Patrik Hagara <[email protected]>
rewrap long lines

700d0efae7c92cdfa446010b02369c220bacad01 authored over 7 years ago by Patrik Hagara <[email protected]>
add recovery instructions for text secret & passphrase snooping

d7dd0d60882515fb5826250ec2ca3040cae2523f authored over 7 years ago by Patrik Hagara <[email protected]>
remove "success" type message from checkfreshness() lib func

as it's needlessly noisy

cc57de379d24e10b0a257cd1ffd2a34b25447f50 authored over 7 years ago by Patrik Hagara <[email protected]>
remove tpm_takeownership section from README

as the aem-install script now takes care of this

e5859291696b7838f3770b0d5744e1ccab442796 authored over 7 years ago by Patrik Hagara <[email protected]>
fix a typo

a89ca72e0019428d095a7fe4001183efd1a4e184 authored over 7 years ago by Patrik Hagara <[email protected]>
change MFA skip keybind from <Q> to <T>

as in "text", since it reverts to static text secret verification

ef361fe9c5ce8c1dc8590151e8a97697fe41abd1 authored over 7 years ago by Patrik Hagara <[email protected]>
bump -unseal.service timeout to 5 min (from default 90s)

bc2b7e643ab53b4faa01c2f567969eab7551957a authored over 7 years ago by Patrik Hagara <[email protected]>
add more info to readme

01d1552da9cf094430efc327b285370f7b0c92fa authored over 7 years ago by Patrik Hagara <[email protected]>
ignore crypttab in order to make hostonly dracut use the key file

91c1294298661418ede51715c9ed685c3edc181f authored over 7 years ago by Patrik Hagara <[email protected]>
tpm_id: remove mention of non-existent "-c" flag

ac5bdea3afcc91bb5205604fcdf8a3fd5d6cff6e authored over 7 years ago by Patrik Hagara <[email protected]>
-install: get rid of unwanted console output

ff143d4426988bf1d3cab8f4ca4921b61dd00103 authored over 7 years ago by Patrik Hagara <[email protected]>
add missing tpm_nvread_stdout script to initramfs

ce8ce15f358e1fbb91a3206160870fadde0b658a authored over 7 years ago by Patrik Hagara <[email protected]>
-install: remove spurious "--pwdo=" passed to createtpmnvram as a pw

04bb7a06cd1c2d649b9678449ff4b5007c7b0815 authored over 7 years ago by Patrik Hagara <[email protected]>
-install: fix a typo

cd0fb818906489fe7673591af98c4970baf0c932 authored over 7 years ago by Patrik Hagara <[email protected]>
-install: taking ownership & creating ID

5ad57a1280f1edf16fdf6af1dbe352993b191ca0 authored over 7 years ago by Patrik Hagara <[email protected]>
drop create functionality from tpm_id

7b7f1d7b2df205b38c480e5fde73b7095adbc7e3 authored over 7 years ago by Patrik Hagara <[email protected]>
fix possible i18n issues by forcing C locale

9a11cdfcade361c4de3fcfa7b9fa5af780c3a82b authored over 7 years ago by Patrik Hagara <[email protected]>
remove unnecessary code

d7d860560585860f712512319f7943eb1c7939e0 authored over 7 years ago by Patrik Hagara <[email protected]>
create standalone tpm_nvwrite_stdin & tpm_nvwrite_stdout scripts, refactor

da32b85cdde99b451b07ad143f0c0ee74260d401 authored over 7 years ago by Patrik Hagara <[email protected]>
-install: fix TPM owner password query when creating NVRAM area

6abcb43747e43808f966266afe6ad9d5555ad9fd authored over 7 years ago by Patrik Hagara <[email protected]>
trousers-changer/tpm_id: factor out helper functions

09f29d33f761745f1b77bdf180c7235caec6a9d4 authored over 7 years ago by Patrik Hagara <[email protected]>
make use of the new "waitforenter" lib function

ed75ea4b8d1821064a1937d7cc5383d04067de94 authored over 7 years ago by Patrik Hagara <[email protected]>
implement "waitforenter" lib function

711cf77dfd4cb3a158e2f5ae5621b3ce9061c6a7 authored over 7 years ago by Patrik Hagara <[email protected]>
remove unused "writable" lib function

52bb69b7d5c4a378e4d628b95e24534a809a8d12 authored over 7 years ago by Patrik Hagara <[email protected]>
updatefreshness: mandatory suffix argument

de08266d599d523a532d23559b6dc2b7e5b24ebc authored over 7 years ago by Patrik Hagara <[email protected]>
pass TPM owner pw directly instead of letting tpm-tools prompt for it

47f1530f57fb2671989f2acef6245b748009ccb2 authored over 7 years ago by Patrik Hagara <[email protected]>
remove unneeded MFA sanity check

1467cb67321ec68cdc4c7ec01983993c070de7c6 authored over 7 years ago by Patrik Hagara <[email protected]>
remove png support

1b603fe5ef26b4de6e4d7afb84beb409b1ca6e2a authored over 7 years ago by Patrik Hagara <[email protected]>
add multi-factor AEM support

715abbc13a7d59b8d4a72ec6696b621fa76e2a95 authored over 7 years ago by Patrik Hagara <[email protected]>
version 3.0.5

680c59db3d0fb1608add8c8828d6268fe12cbcb8 authored almost 8 years ago by Marek Marczykowski-Górecki <[email protected]>
We can be a little more helpful.

75cc68df7a891bd9355e63e167711ea50b836505 authored almost 8 years ago by Matt McCutchen <[email protected]>
Explain how to view the tboot log, in combination with a6ddc2e.

93d2def66bff72741494b07a5bf29147f75f55aa authored almost 8 years ago by Matt McCutchen <[email protected]>
Use /sys/devices/*/*/pcrs in README too then

199c51c2e72a298625308b71f99da59549618528 authored almost 8 years ago by Rusty Bird <[email protected]>
Invalidate existing users' sealed secrets

Ensure that users already affected by QubesOS/qubes-issues#2569 have to
reseal their secret, so ...

8d8a941f5647b0082a20b4245859986d3ca45c12 authored almost 8 years ago by Rusty Bird <[email protected]>
-seal: Abort if standard PCRs to be used are empty

Fixes QubesOS/qubes-issues#2569

a6ddc2e92719803845d52ecc5a8acdb182b37392 authored almost 8 years ago by Rusty Bird <[email protected]>
-seal: #!/bin/sh -> #!/bin/bash

Needed for the next commit

a4d8d9d1bf666c0ef3a3467ad8d769f60bee587c authored almost 8 years ago by Rusty Bird <[email protected]>
-unseal: Disable nullglob

Unused since "Seal only to the one device used for the failed unseal":
https://github.com/QubesO...

bba1ad1870d5ec2b0e8a45edd69e2353a540d6bc authored almost 8 years ago by Rusty Bird <[email protected]>
Rephrase tboot message

b55fbde89c56184b54b343876d85c256fb73d97d authored almost 8 years ago by Rusty Bird <[email protected]>
Merge remote-tracking branch 'qubesos/pr/18'

* qubesos/pr/18:
anti-evil-maid-check-mount-devs: check recursively for encrypted devices

49ed7131410e95e5114e2f26de912a97a8ac8fa9 authored almost 8 years ago by Marek Marczykowski-Górecki <[email protected]>
travis: drop debootstrap workaround

Move to qubes-builder

Signed-off-by: Marek Marczykowski-Górecki <[email protected]>

59e8dcfd34c1b89c6c594648c40973dd87c51db7 authored almost 8 years ago by Marek Marczykowski-Górecki <[email protected]>
anti-evil-maid-check-mount-devs: check recursively for encrypted devices

This fixes the error `AEM: (bogus?) root device found not encrypted!`
when using LVM snapshots, ...

1bd4ad579ca69125b3a2c83b2dad5750cc1a03d0 authored almost 8 years ago by Dwayne Litzenberger <[email protected]>
Update SINIT link and wrap lines

d4fae5575ca0d1050e6d79b03fc4012f8d3e35d0 authored about 8 years ago by Andrew David Wong <[email protected]>
Require legacy boot and volume group encryption

Closes QubesOS/qubes-issues#2354
Closes QubesOS/qubes-issues#2355

4264f113b85085d20e4d8cacc5d2a0ae196af1ed authored about 8 years ago by Andrew David Wong <[email protected]>
Remove rd.qubes.hide_all_usb if using USB AEM device

1b5d8719e45fa95b013ab1b1201e24bd8e3c758c authored over 8 years ago by Andrew David Wong <[email protected]>
version 3.0.4

99b0799a2396b9e89a86eb538e337d4502a4d5d4 authored over 8 years ago by Marek Marczykowski-Górecki <[email protected]>
Merge remote-tracking branch 'qubesos/pr/14'

* qubesos/pr/14:
Update dependencies
Run tcsd_changer_migrate before tcsd runs, not after in...

e70b3a3f66c9db1a5dbe3e7ffb6e738b4d6c00ac authored over 8 years ago by Marek Marczykowski-Górecki <[email protected]>
Update dependencies

91702eb94df607d393a382e95890abb611ff08ac authored over 8 years ago by Rusty Bird <[email protected]>
Run tcsd_changer_migrate before tcsd runs, not after installation

(It is idempotent)

3393b8d63eaf479e012f6a79d63958608a781507 authored over 8 years ago by Rusty Bird <[email protected]>
version 3.0.3

bda272e7f5ce5c87c1581d021926d1124b7dd332 authored over 8 years ago by Marek Marczykowski-Górecki <[email protected]>
dracut: fix /etc/{passwd,group,shadow} entries

With the newer dracut version in R3.2 other modules also modify
/etc/{passwd,group,shadow} and t...

ec4696fe1d14e0abfdb0c974b39735506651c45e authored over 8 years ago by HW42 <[email protected]>
During late boot, start tcsd.service only when needed

This speeds up the boot process a few seconds in the normal case, where
resealing is not needed....

2c6fc2d5d3f1367720ba89674f8b5bf301559de6 authored over 8 years ago by Rusty Bird <[email protected]>
travis: initial version

QubesOS/qubes-issues#1926

929640c89bbf9548207ba26a8c2d16a0a5345d96 authored over 8 years ago by Marek Marczykowski-Górecki <[email protected]>
version 3.0.2

ac3ad759cc1ae2602647c9d8274ffd4cda0dd6cd authored over 8 years ago by Marek Marczykowski-Górecki <[email protected]>
Add note on length of the secret

Plymouth's message display limits messages to < 255 bytes, but this isn't
mentioned in the README.

f489aef11ca09c5a8295eeee4dbcfc4b8844f4d0 authored almost 9 years ago by Henry de Valence <[email protected]>
README: Update blog post URL, mention it is outdated

8ebad8bb3b2fb7dbcd8b4b0fdec2bea77768ba57 authored almost 9 years ago by Rusty Bird <[email protected]>
README: sudo for SINIT blob

181f89cebb49fd07f3e089d22272b220b6611a19 authored almost 9 years ago by Rusty Bird <[email protected]>
version 3.0.1

826108eeee1d51ecfdbf3eb1ce9b17260fa9aa54 authored about 9 years ago by Marek Marczykowski-Górecki <[email protected]>
Add blank line

65a64dccb298bd1abb820bcc4ff458a21dc6e0ca authored about 9 years ago by Rusty Bird <[email protected]>
Reinsert "udevadm trigger/settle" against duplicate label attacks

2aacce8c644afef247651f14f4b69b56623ada89 authored about 9 years ago by Rusty Bird <[email protected]>
version 3.0.0

fe1cb6ea010a746314faf599779714917fc2bf8d authored about 9 years ago by Marek Marczykowski-Górecki <[email protected]>
Merge remote-tracking branch 'qubesos/pr/9'

* qubesos/pr/9: (71 commits)
Make -unseal wait until an AEM device appears
Correct indentati...

82a98b1b44a732d8e2a2d8c68db772987ac165ab authored about 9 years ago by Marek Marczykowski-Górecki <[email protected]>
Make -unseal wait until an AEM device appears

48b1d244ec7d3e66627769f3b6e32de4d1617286 authored about 9 years ago by Rusty Bird <[email protected]>
Correct indentation

40fcee17c2edf788ce47a6470ef962fece5ad11d authored about 9 years ago by Rusty Bird <[email protected]>
Handle existing $MNT/ and $CACHE_DIR/

34769d99ffb8f35e83fb52b20aea43ec59860801 authored about 9 years ago by Rusty Bird <[email protected]>
minor: handle already existing /var/lib/tpms

5a15f0e20e687289ba323d1c6ab8b16b69a7bb64 authored about 9 years ago by Marek Marczykowski-Górecki <[email protected]>
Reuse getluksuuids()

This also takes rd_LUKS_UUID into account, in addition to rd.luks.uuid

2578617bcaf555b3c51a3430d6ff71d566054e49 authored about 9 years ago by Rusty Bird <[email protected]>
Fix miscopied variable name

12459ba80fa7612d7d76f5e90174e72d67295360 authored about 9 years ago by Rusty Bird <[email protected]>
Refuse to continue when disk is not encrypted

It should be obvious, but when not checked, the script will try to wipe
/boot, which isn't good...

a8d7cba0cef94d85f39f5b89b3e5786b9d71b24d authored about 9 years ago by Marek Marczykowski-Górecki <[email protected]>
Consider all LUKS devices when checking if the device is "external"

b036dec2c410721c103cec4ea438db6f54e76ca1 authored about 9 years ago by Marek Marczykowski-Górecki <[email protected]>
Compare major:minor before assigning 'replace'

Instead of overriding 'replace' later

351d1a468ce1ab2ef0497cb70a840b7b6d3e47d9 authored about 9 years ago by Rusty Bird <[email protected]>
Rename $TARGET_MAJMIN to $PART_DEV_MAJMIN

b5eec9f326ae45ef8fa413fdd00b5a532df6d5e1 authored about 9 years ago by Rusty Bird <[email protected]>
Work if /boot is not a mountpoint, but a regular directory

In which case 'mountpoint -d' and thus anti-evil-maid-install would
fail, because it is run in '...

fc4409ead2f0889cba2d8d0469b48d28788ae916 authored about 9 years ago by Rusty Bird <[email protected]>
Handle the situation when /boot is already on the target device

The user might have already moved /boot to an external device, or even installed
the system in such a way to ...

2fd586c5205bf04e7780d6c018e5565d2d84a8f3 authored about 9 years ago by Marek Marczykowski-Górecki <[email protected]>
Mention external installations and /etc/fstab again

f92b468fae47d8e41ee675fc928892990e3d8ab7 authored over 9 years ago by Rusty Bird <[email protected]>
'chmod -x' the tboot grub.d files in %post as well

%triggerin runs after %post, that's too late.

786d9af9408678563519624ade74e1bb018c7dc7 authored over 9 years ago by Rusty Bird <[email protected]>
Fix typo

5b2c841d57f99cdadb0797ea539dcc31cdfd7263 authored over 9 years ago by Rusty Bird <[email protected]>
No harm in trying to continue if tpm_resetdalock fails

86ac69c926901ee19d2c2210aa9343d007ed28a0 authored over 9 years ago by Rusty Bird <[email protected]>
Stuff the 'removable' quirk into the fs label

2747235c1fa4cf8edd42ea6aaac4ae2272c9e547 authored over 9 years ago by Rusty Bird <[email protected]>
Hide AEM from the boot menu when not in use

0786b3531468abbdc37f92656396928f74296799 authored over 9 years ago by Rusty Bird <[email protected]>
Prompt for SRK password up to three times

Verify that it's the correct password by sealing /dev/null. If it's
wrong, reset the dictionary ...

4bec94d0cadb0b81196b2c434e10a815976ce0a1 authored over 9 years ago by Rusty Bird <[email protected]>