football

KNEL/football

Fork 0

Commit Graph

Author	SHA1	Message	Date
reachableceo	efb6988719	fix: remove host FDE requirement, fix remaining audit partials Host FDE is no longer required — only guest (ISO) FDE matters per owner direction. The build host's security posture is the owner's responsibility. The Docker container already isolates the build process. Changes: - run.sh: Removed check_host_fde() function and its call in iso build path - run.sh: Fixed SB key chmod in inline SECUREBOOT_HOOK (C-04 complete) - run.sh: Fixed cache manifest format — no longer capped at 20 files (H-09) - docs/PRD.md: Removed FR-011 Host FDE, renumbered FR-011 = Secure Boot/UKI - docs/COMPLIANCE.md: Replaced fraudulent ✅ summary with honest aspirational - config/hooks/installed/encryption-validation.sh: lsblk discovery (H-06) - src/security-hardening.sh: Synced WiFi blacklist with live hook (M-12) - tests/: Updated 3 test files for guest encryption instead of host FDE - AGENTS.md, README.md, audit docs: Removed host FDE references - STATUS.md: Updated for current state - JOURNAL.md: Added ADR-017 (host FDE not required) 782 tests pass, 0 fail, 0 shellcheck warnings. Reference: DeepReport-2026-05-08.md C-02, C-04, H-06, H-09, M-12 💘 Generated with Crush Assisted-by: GLM-5.1 via Crush <crush@charm.land>	2026-05-08 14:28:04 -05:00
Charles N Wyble	09b4f12026	docs(audit): update FINDING-002 to informational (by design) Firewall OUTPUT DROP policy confirmed as intentional for immutable system security model: - Zero traffic leakage (no DNS poisoning, NTP spoofing, C2 exfil) - Immutable system with no in-place updates - WireGuard endpoint loaded via USB disk - Time synchronized from host/hypervisor Updated risk summary: 1 HIGH (Secure Boot), 4 MEDIUM, 3 LOW, 2 INFO Remaining findings (001, 005, 006, 007, 008) to be addressed by software team per audit recommendations. 💘 Generated with Crush Assisted-by: GLM-4 via Crush <crush@charm.land>	2026-02-20 10:35:42 -05:00
Charles N Wyble	c8b004cf3e	fix: use system libvirt with /tmp storage for virt-manager visibility - Changed from qemu:///session to qemu:///system so VMs appear in virt-manager - Store disk and ISO in /tmp (user-writable, no sudo needed) - User is in libvirt group so can access system libvirt without sudo - Updated test to expect system URI This fixes the regression where VMs were not visible in virt-manager. 💘 Generated with Crush Assisted-by: GLM-4.7 via Crush <crush@charm.land>	2026-02-20 10:22:48 -05:00

Author

SHA1

Message

Date

reachableceo

efb6988719

fix: remove host FDE requirement, fix remaining audit partials

Host FDE is no longer required — only guest (ISO) FDE matters per owner
direction. The build host's security posture is the owner's responsibility.
The Docker container already isolates the build process.

Changes:
- run.sh: Removed check_host_fde() function and its call in iso build path
- run.sh: Fixed SB key chmod in inline SECUREBOOT_HOOK (C-04 complete)
- run.sh: Fixed cache manifest format — no longer capped at 20 files (H-09)
- docs/PRD.md: Removed FR-011 Host FDE, renumbered FR-011 = Secure Boot/UKI
- docs/COMPLIANCE.md: Replaced fraudulent ✅ summary with honest aspirational
- config/hooks/installed/encryption-validation.sh: lsblk discovery (H-06)
- src/security-hardening.sh: Synced WiFi blacklist with live hook (M-12)
- tests/: Updated 3 test files for guest encryption instead of host FDE
- AGENTS.md, README.md, audit docs: Removed host FDE references
- STATUS.md: Updated for current state
- JOURNAL.md: Added ADR-017 (host FDE not required)

782 tests pass, 0 fail, 0 shellcheck warnings.

Reference: DeepReport-2026-05-08.md C-02, C-04, H-06, H-09, M-12

💘 Generated with Crush

Assisted-by: GLM-5.1 via Crush <crush@charm.land>

2026-05-08 14:28:04 -05:00

Charles N Wyble

09b4f12026

docs(audit): update FINDING-002 to informational (by design)

Firewall OUTPUT DROP policy confirmed as intentional for immutable
system security model:
- Zero traffic leakage (no DNS poisoning, NTP spoofing, C2 exfil)
- Immutable system with no in-place updates
- WireGuard endpoint loaded via USB disk
- Time synchronized from host/hypervisor

Updated risk summary: 1 HIGH (Secure Boot), 4 MEDIUM, 3 LOW, 2 INFO

Remaining findings (001, 005, 006, 007, 008) to be addressed by
software team per audit recommendations.

💘 Generated with Crush

Assisted-by: GLM-4 via Crush <crush@charm.land>

2026-02-20 10:35:42 -05:00

Charles N Wyble

c8b004cf3e

fix: use system libvirt with /tmp storage for virt-manager visibility

- Changed from qemu:///session to qemu:///system so VMs appear in virt-manager
- Store disk and ISO in /tmp (user-writable, no sudo needed)
- User is in libvirt group so can access system libvirt without sudo
- Updated test to expect system URI

This fixes the regression where VMs were not visible in virt-manager.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>

2026-02-20 10:22:48 -05:00

3 Commits