mirror of
https://github.com/kuhyx/testsAndMisc.git
synced 2026-07-04 13:23:15 +02:00
- Add enforce-resolved.sh: validates ReadEtcHosts=yes, prevents DNSOverTLS bypass, removes drop-in overrides, locks drop-in dir - Add resolved-guard.path/service: watches /etc/systemd/resolved.conf and its drop-in directory for tampering - Update pacman hooks to unlock/relock nsswitch.conf and resolved.conf alongside /etc/hosts during package transactions - Extend setup_hosts_guard.sh with --skip-resolved option, resolved canonical snapshot, drop-in directory locking, and enforcement - Add resolved.conf checks to check_and_enable_services.sh: validates ReadEtcHosts, DNSOverTLS, drop-in overrides, immutable attribute, and resolved-guard.path status with auto-fix capability Fixed on live system: ReadEtcHosts was set to 'no' and nsswitch.conf was missing 'files' in the hosts line, completely bypassing /etc/hosts. |
||
|---|---|---|
| .github | ||
| .vscode | ||
| articles | ||
| C | ||
| CPP | ||
| LaTeX | ||
| linux_configuration | ||
| poker_modifier_app | ||
| pomodoro_app | ||
| python_pkg | ||
| sonic_pi | ||
| TS | ||
| .fvmrc | ||
| .gitignore | ||
| .pre-commit-config.yaml | ||
| eslint.config.mjs | ||
| lint_python.sh | ||
| package-lock.json | ||
| package.json | ||
| pyproject.toml | ||
| pytest.ini | ||
| requirements-dev.txt | ||
| requirements.txt | ||
| setup.sh | ||
| test_input_clean.wav | ||
| test_input.wav | ||